last executing test programs: 16.076237457s ago: executing program 1 (id=1114): openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800000, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19}) syz_emit_ethernet(0x2a, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_io_uring_setup(0x1c09, &(0x7f0000000140)={0x0, 0xfa25, 0x1, 0x3, 0x2d1}, &(0x7f0000000080), &(0x7f00000001c0)) r2 = syz_io_uring_setup(0xc8f, &(0x7f0000000000)={0x0, 0x7030, 0x10000, 0x1, 0x8000018, 0x0, r1}, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0xe45, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x8) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r4, 0x0, 0x82, &(0x7f0000000200)={'filter\x00', 0x0, 0x0, 0x0, [0x3ff, 0x4, 0x3, 0x3ac, 0x1048, 0x7]}, &(0x7f0000000280)=0x50) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) io_uring_register$IORING_REGISTER_NAPI(r2, 0x1b, &(0x7f0000000280)={0x80, 0x44}, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5}) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) 14.784792675s ago: executing program 1 (id=1118): openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x800000, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19}) syz_emit_ethernet(0x2a, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_io_uring_setup(0x1c09, &(0x7f0000000140)={0x0, 0xfa25, 0x1, 0x3, 0x2d1}, &(0x7f0000000080), &(0x7f00000001c0)) r2 = syz_io_uring_setup(0xc8f, &(0x7f0000000000)={0x0, 0x7030, 0x10000, 0x1, 0x8000018, 0x0, r1}, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0xe45, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x8) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r4, 0x0, 0x82, &(0x7f0000000200)={'filter\x00', 0x0, 0x0, 0x0, [0x3ff, 0x4, 0x3, 0x3ac, 0x1048, 0x7]}, &(0x7f0000000280)=0x50) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) io_uring_register$IORING_REGISTER_NAPI(r2, 0x1b, &(0x7f0000000280)={0x80, 0x44}, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5}) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) 13.374163802s ago: executing program 1 (id=1123): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c0001040000000000", @ANYRES32, @ANYBLOB="040014000a000100000000000000000008"], 0x30}}, 0x0) landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[], 0x7c}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) rseq(0x0, 0x0, 0x0, 0x0) quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r4, 0x0, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0xf, 0x491, 0x3, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}]}], {0x14}}, 0x8c}}, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) landlock_create_ruleset(0x0, 0x0, 0x0) r5 = getpgid(0x0) syz_pidfd_open(r5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'}) 11.469563624s ago: executing program 3 (id=1128): setsockopt$bt_l2cap_L2CAP_OPTIONS(0xffffffffffffffff, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x6, 0x0, 0x8, 0x80, 0x7}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) syz_open_dev$sg(&(0x7f00000060c0), 0xffffffff, 0x8002) r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0, 0x0, 0x7}, 0x18) openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0xd8, 0x30, 0x401, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x7c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x52, 0x6, "d8f195109eca43e24feb4a8813f9ac6d6d39c9ebe9a80bcd00b38ecc713449b747214140f06ce9a8c1cf27b01655777c76fbc86741641520d583a73c8aaf72e123f9741caf1e98eb581ba0afcaed"}, {0xc}, {0xc}}}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x804}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x3f00, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) openat$audio(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0) writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="b8", 0x1}], 0x1) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r5, 0xffffffffffffffff, 0x0) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x14) 10.279214885s ago: executing program 3 (id=1131): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000600)={0x3, 0x81, 0xf1eb}) userfaultfd(0x80001) socket$netlink(0x10, 0x3, 0x0) r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000001340)) ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0)=0x6f) openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x10003, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$llc(0x1a, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000010400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="2b03e414e6864ed8aa49890100000000002400127dabfd21800b006e65766500001400028005007f2000"], 0x44}}, 0x0) setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x1, &(0x7f0000000140)=0x2, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_LINKS(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r6, 0x1, 0x0, 0x25dfdbfd, {{}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) 9.183545678s ago: executing program 1 (id=1133): sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x3) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000600)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc-cast6-avx\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000280)="ad56b6c5820fae9d6dcd3292ea54c7beef915d564c90c200", 0x18) r2 = accept4(r1, 0x0, 0x0, 0x800) sendmmsg$alg(r2, &(0x7f0000000040)=[{0x0, 0x0, &(0x7f0000000340)=[{&(0x7f0000000080)="f78d9ca38fff48f3be52163448412ba8", 0x10}, {&(0x7f0000000140)="ebe3a0e9796cfd1647e299f4e376fdba128280b372219d205e81f4a7f71c1926aae1efd7e0054a863f3d5cfe6cb55b5bb9fa6935849e6098ed88", 0x3a}, {&(0x7f00000003c0)="e8700e444d50a969ff67347cff6127e6ef12ee3819271482a4975a52c1ab9b8b4db3945d1032005eabe97b4dc33a47d3a158da988456d30026b433186f53cdcdb93a4722bf306a10470d50f5cb1ece9ead3459bab1cf1538cd0b157653c5e892962c80f158c443e9c6ad7d2a8103ef2f4b93766b9a21501f94c1568b13756b66f74f46cf801704d2da8b96c34070b233af0afcc436712e58ed25e721193af05a045ad3fdc928f02f3dbad19d3e66eebda2e63f3f46ef4511cee26d7b48241847bf9e343ef4674c45e2a085060f11", 0xce}, {&(0x7f00000002c0)="be7a743534450e52940954b3bcbb1d378dc2a885b11423da7ee1287c458078855d704d8cdefcf8da847dac37b904dc7de71f2478ff76dc79335e192c14d99ca4e185cce9d77ae5181e8c1dc13d3bdc86387c7e77e302daf71ea746d64b60b0e96f237b99d0b9a25843817fdffb7cede1b80a62445c56309ed31355419482af", 0x7f}], 0x4, &(0x7f0000000680)=ANY=[@ANYBLOB="18000000000000001701000003000000010000000000000000000000000000001701000000000000000081003e6b02139383bf169f84d437cdab9993aecffb51023b46a29de85431726c6793e74b24e700764da187a770aef079ec77fba152573be0ffd3ae26d7f75747141f992f1db888721153914dd6d2b58357e2c93471a6c3453b441db141259baf879d9d81f72027383b202e6557feda51ecc647db6f950b0907004ce5b4193cbccbc2f6103072f45d9814acf9a93c9e78c964df967cd15f5ff64715ab378d02a8badb50e95bdc5d7aa38389a6eb241dddcc683ba061b49c1ab2bff29d7d3098b3bdacfa30d7c7792b2bb2b0454f6759aa0d53115e77a8f4c8e2f813c6fe1a4227f4b50fd7a0c94600000000000000"], 0x18}], 0x1, 0x40800) recvmsg(r2, &(0x7f00000005c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f00000000c0)=""/81, 0x7ffff000}, {&(0x7f0000000200)=""/83, 0x20000253}], 0x2}, 0x0) 9.096533141s ago: executing program 3 (id=1135): syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x800000, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19}) syz_emit_ethernet(0x2a, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_io_uring_setup(0x1c09, &(0x7f0000000140)={0x0, 0xfa25, 0x1, 0x3, 0x2d1}, &(0x7f0000000080), &(0x7f00000001c0)) r2 = syz_io_uring_setup(0xc8f, &(0x7f0000000000)={0x0, 0x7030, 0x10000, 0x1, 0x8000018, 0x0, r1}, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0xe45, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x8) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r4, 0x0, 0x82, &(0x7f0000000200)={'filter\x00', 0x0, 0x0, 0x0, [0x3ff, 0x4, 0x3, 0x3ac, 0x1048, 0x7]}, &(0x7f0000000280)=0x50) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) io_uring_register$IORING_REGISTER_NAPI(r2, 0x1b, &(0x7f0000000280)={0x80, 0x44}, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5}) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) 7.610675891s ago: executing program 0 (id=1137): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000600)={0x3, 0x81, 0xf1eb}) userfaultfd(0x80001) socket$netlink(0x10, 0x3, 0x0) r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000001340)) r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read$dsp(r3, &(0x7f00000002c0)=""/4096, 0x1000) write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x10003, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$llc(0x1a, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000010400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="2b03e414e6864ed8aa49890100000000002400127dabfd21800b006e65766500001400028005007f2000"], 0x44}}, 0x0) setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x1, &(0x7f0000000140)=0x2, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_LINKS(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r7, 0x1, 0x0, 0x25dfdbfd, {{}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) 6.335489118s ago: executing program 2 (id=1139): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000600)={0x3, 0x81, 0xf1eb}) userfaultfd(0x80001) socket$netlink(0x10, 0x3, 0x0) r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000001340)) ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0)=0x6f) read$dsp(0xffffffffffffffff, &(0x7f00000002c0)=""/4096, 0x1000) write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x10003, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$llc(0x1a, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000010400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="2b03e414e6864ed8aa49890100000000002400127dabfd21800b006e65766500001400028005007f2000"], 0x44}}, 0x0) setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x1, &(0x7f0000000140)=0x2, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_LINKS(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r6, 0x1, 0x0, 0x25dfdbfd, {{}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) 6.319019008s ago: executing program 0 (id=1140): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000600)={0x3, 0x81, 0xf1eb}) userfaultfd(0x80001) socket$netlink(0x10, 0x3, 0x0) r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000001340)) ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0)=0x6f) read$dsp(0xffffffffffffffff, &(0x7f00000002c0)=""/4096, 0x1000) write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x10003, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$llc(0x1a, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000010400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="2b03e414e6864ed8aa49890100000000002400127dabfd21800b006e65766500001400028005007f2000"], 0x44}}, 0x0) setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x1, &(0x7f0000000140)=0x2, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_LINKS(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r6, 0x1, 0x0, 0x25dfdbfd, {{}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) 6.089012543s ago: executing program 1 (id=1141): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x6, 0x0, 0x8, 0x80, 0x7}, 0xc) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) syz_open_dev$sg(&(0x7f00000060c0), 0xffffffff, 0x8002) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x7}, 0x18) openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0xd8, 0x30, 0x401, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x7c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x52, 0x6, "d8f195109eca43e24feb4a8813f9ac6d6d39c9ebe9a80bcd00b38ecc713449b747214140f06ce9a8c1cf27b01655777c76fbc86741641520d583a73c8aaf72e123f9741caf1e98eb581ba0afcaed"}, {0xc}, {0xc}}}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x804}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x3f00, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) openat$audio(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0) writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="b8", 0x1}], 0x1) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r6, 0xffffffffffffffff, 0x0) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x14) 5.346701501s ago: executing program 0 (id=1142): syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c00010400000000000000", @ANYRES32, @ANYBLOB="040014000a000100000000000000000008"], 0x30}}, 0x0) r0 = landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, 0x0}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) rseq(0x0, 0x0, 0x0, 0x0) quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r4, 0x0, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x28, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_STAB={0x4}]}, 0x28}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}]}], {0x14}}, 0x8c}}, 0x0) landlock_restrict_self(r0, 0x0) landlock_create_ruleset(0x0, 0x0, 0x0) r5 = getpgid(0x0) syz_pidfd_open(r5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, &(0x7f00000002c0)={'wlan0\x00'}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x3, 0xc, &(0x7f0000000140)=@framed={{0x18, 0x2, 0x0, 0x0, 0x20000001, 0x0, 0x0, 0x0, 0xfffffffd}, [@call={0x85, 0x0, 0x0, 0x13}, @printk={@lld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x8}, 0x94) 5.215198494s ago: executing program 2 (id=1143): r0 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="300000001c0001040000000000", @ANYRES32, @ANYBLOB="040014000a000100000000000000000008"], 0x30}}, 0x0) landlock_create_ruleset(&(0x7f00000001c0)={0xa019, 0x1, 0x3}, 0x18, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000000c0)=ANY=[], 0x7c}}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xe4b, 0x11e41e7a, 0x20000000, 0x3, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0xc0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000380)=0x34) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) rseq(0x0, 0x0, 0x0, 0x0) quotactl$Q_SYNC(0xffffffff80000102, 0x0, 0x0, 0x0) r3 = socket$netlink(0x10, 0x3, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFQNL_MSG_CONFIG(r4, 0x0, 0x0) sendmsg(0xffffffffffffffff, 0x0, 0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) sendmsg$nl_route_sched(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000440)=@newqdisc={0x54, 0x10, 0x1, 0xfffffffc, 0x0, {0x0, 0x0, 0x0, 0x0, {0xffe0}, {0xf}, {0xe}}, [@TCA_RATE={0x6, 0x5, {0x9, 0x1}}, @TCA_STAB={0x28, 0x8, 0x0, 0x1, [{{0x1c, 0x1a, {0x0, 0xf, 0x491, 0x3, 0x0, 0x0, 0x8, 0x2}}, {0x8, 0x1b, [0x0, 0x0]}}]}]}, 0x54}, 0x1, 0x0, 0x0, 0x80}, 0x4000c00) sendmsg$NFT_BATCH(r1, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000300)={{0x14}, [@NFT_MSG_NEWSET={0x3c, 0x12, 0xa, 0x9, 0x0, 0x0, {0x2}, [@NFTA_SET_NAME={0x9, 0x2, 'syz1\x00'}, @NFTA_SET_KEY_TYPE={0x8}, @NFTA_SET_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x1}]}, @NFT_MSG_DELOBJ={0x28, 0x14, 0xa, 0x3, 0x0, 0x0, {0x2}, [@NFTA_OBJ_TYPE={0x8, 0x3, 0x1, 0x0, 0x1}, @NFTA_OBJ_NAME={0x9, 0x2, 'syz1\x00'}]}], {0x14}}, 0x8c}}, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) landlock_create_ruleset(0x0, 0x0, 0x0) r5 = getpgid(0x0) syz_pidfd_open(r5, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000002c0)={'wlan0\x00'}) 4.306102872s ago: executing program 0 (id=1144): syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x800000, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19}) syz_emit_ethernet(0x2a, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_io_uring_setup(0x1c09, &(0x7f0000000140)={0x0, 0xfa25, 0x1, 0x3, 0x2d1}, &(0x7f0000000080), &(0x7f00000001c0)) r2 = syz_io_uring_setup(0xc8f, &(0x7f0000000000)={0x0, 0x7030, 0x10000, 0x1, 0x8000018, 0x0, r1}, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0xe45, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x8) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r4, 0x0, 0x82, &(0x7f0000000200)={'filter\x00', 0x0, 0x0, 0x0, [0x3ff, 0x4, 0x3, 0x3ac, 0x1048, 0x7]}, &(0x7f0000000280)=0x50) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) io_uring_register$IORING_REGISTER_NAPI(r2, 0x1b, &(0x7f0000000280)={0x80, 0x44}, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5}) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) 4.28901623s ago: executing program 3 (id=1145): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) syz_open_dev$sg(&(0x7f00000060c0), 0xffffffff, 0x8002) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x7}, 0x18) openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0xd8, 0x30, 0x401, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x7c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x52, 0x6, "d8f195109eca43e24feb4a8813f9ac6d6d39c9ebe9a80bcd00b38ecc713449b747214140f06ce9a8c1cf27b01655777c76fbc86741641520d583a73c8aaf72e123f9741caf1e98eb581ba0afcaed"}, {0xc}, {0xc}}}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x804}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x3f00, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) openat$audio(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0) writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="b8", 0x1}], 0x1) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r6, 0xffffffffffffffff, 0x0) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x14) 4.20621787s ago: executing program 2 (id=1146): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000600)={0x3, 0x81, 0xf1eb}) userfaultfd(0x80001) socket$netlink(0x10, 0x3, 0x0) r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000001340)) ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f00000001c0)=0x6f) read$dsp(0xffffffffffffffff, &(0x7f00000002c0)=""/4096, 0x1000) write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x10003, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$llc(0x1a, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000010400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="2b03e414e6864ed8aa49890100000000002400127dabfd21800b006e65766500001400028005007f2000"], 0x44}}, 0x0) setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x1, &(0x7f0000000140)=0x2, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r4 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r4, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_LINKS(r5, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r6, 0x1, 0x0, 0x25dfdbfd, {{}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) 3.277201202s ago: executing program 2 (id=1147): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x6, 0x0, 0x8, 0x80, 0x7}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) syz_open_dev$sg(&(0x7f00000060c0), 0xffffffff, 0x8002) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94) openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0xd8, 0x30, 0x401, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x7c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x52, 0x6, "d8f195109eca43e24feb4a8813f9ac6d6d39c9ebe9a80bcd00b38ecc713449b747214140f06ce9a8c1cf27b01655777c76fbc86741641520d583a73c8aaf72e123f9741caf1e98eb581ba0afcaed"}, {0xc}, {0xc}}}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x804}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x3f00, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) openat$audio(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0) writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="b8", 0x1}], 0x1) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r5, 0xffffffffffffffff, 0x0) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x14) 1.231322344s ago: executing program 3 (id=1148): socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) r0 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBENT(r0, 0x4b47, &(0x7f0000000600)={0x3, 0x81, 0xf1eb}) userfaultfd(0x80001) socket$netlink(0x10, 0x3, 0x0) r1 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r1, 0xc004500a, &(0x7f0000001340)) r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read$dsp(r2, &(0x7f00000002c0)=""/4096, 0x1000) write$dsp(r1, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) 1.146420397s ago: executing program 2 (id=1149): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) syz_open_dev$sg(&(0x7f00000060c0), 0xffffffff, 0x8002) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x7}, 0x18) openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0xd8, 0x30, 0x401, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x7c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x52, 0x6, "d8f195109eca43e24feb4a8813f9ac6d6d39c9ebe9a80bcd00b38ecc713449b747214140f06ce9a8c1cf27b01655777c76fbc86741641520d583a73c8aaf72e123f9741caf1e98eb581ba0afcaed"}, {0xc}, {0xc}}}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x804}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x3f00, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) openat$audio(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0) writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="b8", 0x1}], 0x1) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r6, 0xffffffffffffffff, 0x0) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x14) 999.882616ms ago: executing program 1 (id=1150): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) syz_open_dev$sg(&(0x7f00000060c0), 0xffffffff, 0x8002) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x7}, 0x18) openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0xd8, 0x30, 0x401, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x7c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x52, 0x6, "d8f195109eca43e24feb4a8813f9ac6d6d39c9ebe9a80bcd00b38ecc713449b747214140f06ce9a8c1cf27b01655777c76fbc86741641520d583a73c8aaf72e123f9741caf1e98eb581ba0afcaed"}, {0xc}, {0xc}}}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x804}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x3f00, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) openat$audio(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0) writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="b8", 0x1}], 0x1) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r6, 0xffffffffffffffff, 0x0) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x14) 972.07861ms ago: executing program 0 (id=1151): r0 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_route(0x10, 0x3, 0x0) capset(&(0x7f0000000000)={0x20080522}, &(0x7f0000000280)={0x0, 0x0, 0x0, 0x81, 0xffffffff}) r1 = syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KDSKBENT(r1, 0x4b47, &(0x7f0000000600)={0x3, 0x81, 0xf1eb}) userfaultfd(0x80001) socket$netlink(0x10, 0x3, 0x0) r2 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000040), 0xa0301, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000001340)) r3 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) read$dsp(r3, &(0x7f00000002c0)=""/4096, 0x1000) write$dsp(r2, &(0x7f00000012c0)="a52876830a602214f6b4e928d758f38a5a7cb4b31c4c09289e9ebb6286784ca3", 0x4000) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x80202, 0x0) pselect6(0x40, &(0x7f0000000240)={0x0, 0x0, 0x1ff, 0x7d, 0x0, 0x8000, 0x4, 0x49}, 0x0, &(0x7f00000002c0)={0x3ff, 0x10003, 0xffffffffffffffff, 0x9, 0x0, 0xf, 0x80000006}, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$llc(0x1a, 0x2, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f00000000c0)=ANY=[@ANYBLOB="440000001000010400000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="2b03e414e6864ed8aa49890100000000002400127dabfd21800b006e65766500001400028005007f2000"], 0x44}}, 0x0) setsockopt$llc_int(0xffffffffffffffff, 0x10c, 0x1, &(0x7f0000000140)=0x2, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) r5 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r5, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$tipc(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$TIPC_CMD_GET_LINKS(r6, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000080)={0x24, r7, 0x1, 0x0, 0x25dfdbfd, {{}, {}, {0x8}}}, 0x24}, 0x1, 0x0, 0x0, 0x4004810}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000140), r0) 200.184601ms ago: executing program 2 (id=1152): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, &(0x7f0000000000)={0x4fc0, 0x80, 0x6, 0x0, 0x8, 0x80, 0x7}, 0xc) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) syz_open_dev$sg(&(0x7f00000060c0), 0xffffffff, 0x8002) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94) openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0xd8, 0x30, 0x401, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x7c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x52, 0x6, "d8f195109eca43e24feb4a8813f9ac6d6d39c9ebe9a80bcd00b38ecc713449b747214140f06ce9a8c1cf27b01655777c76fbc86741641520d583a73c8aaf72e123f9741caf1e98eb581ba0afcaed"}, {0xc}, {0xc}}}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x804}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r4, &(0x7f0000000300)={0x0, 0x3f00, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) openat$audio(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0) writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="b8", 0x1}], 0x1) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r5, 0xffffffffffffffff, 0x0) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f0000000040)=0x14) 198.996108ms ago: executing program 3 (id=1153): syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) openat$kvm(0xffffffffffffff9c, 0x0, 0x800000, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2000003, 0x8031, 0xffffffffffffffff, 0x0) r0 = userfaultfd(0x80001) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x19}) syz_emit_ethernet(0x2a, 0x0, 0x0) openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x802, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_io_uring_setup(0x1c09, &(0x7f0000000140)={0x0, 0xfa25, 0x1, 0x3, 0x2d1}, &(0x7f0000000080), &(0x7f00000001c0)) r2 = syz_io_uring_setup(0xc8f, &(0x7f0000000000)={0x0, 0x7030, 0x10000, 0x1, 0x8000018, 0x0, r1}, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0xe45, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000200)=0x5) openat$sequencer(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x141102) setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(0xffffffffffffffff, 0x6, 0x14, 0x0, 0x8) writev(r3, &(0x7f0000000840)=[{&(0x7f00000002c0)="94", 0xf000}, {0x0}], 0x2) r4 = socket$inet_smc(0x2b, 0x1, 0x0) getsockopt$EBT_SO_GET_INIT_INFO(r4, 0x0, 0x82, &(0x7f0000000200)={'filter\x00', 0x0, 0x0, 0x0, [0x3ff, 0x4, 0x3, 0x3ac, 0x1048, 0x7]}, &(0x7f0000000280)=0x50) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) io_uring_register$IORING_REGISTER_NAPI(r2, 0x1b, &(0x7f0000000280)={0x80, 0x44}, 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000100)={{&(0x7f0000010000/0x1000)=nil, 0x1000}, 0x5}) r5 = socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000580)={0x0, @in={{0x2, 0x0, @empty}}, 0x0, 0x0, 0x3fc, 0x0, 0x32}, 0x9c) setsockopt$inet_sctp6_SCTP_DEFAULT_PRINFO(r5, 0x84, 0x72, &(0x7f00000001c0)={0x0, 0x1, 0x20}, 0xc) bind$inet6(r5, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendto$inet6(r5, &(0x7f0000847fff)='X', 0x34000, 0x0, &(0x7f000005ffe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r5, 0x84, 0x9, &(0x7f0000000a00)={0x0, @in6={{0xa, 0x4e23, 0x0, @loopback}}, 0x100, 0x0, 0x0, 0x0, 0x54}, 0x9c) 0s ago: executing program 0 (id=1154): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) setsockopt$bt_l2cap_L2CAP_OPTIONS(r0, 0x6, 0x1, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x9, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xe8c}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x16, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc}, 0x94) syz_open_dev$sg(&(0x7f00000060c0), 0xffffffff, 0x8002) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000ae00000095"], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback=0x2e, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4007fff}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r1, 0x0, 0x7}, 0x18) openat$sequencer(0xffffff9c, &(0x7f0000000040), 0x2002, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0xd8, 0x30, 0x401, 0x0, 0x0, {}, [{0xc4, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x7c, 0x1, 0x0, 0x0, {{0x8}, {0x4}, {0x52, 0x6, "d8f195109eca43e24feb4a8813f9ac6d6d39c9ebe9a80bcd00b38ecc713449b747214140f06ce9a8c1cf27b01655777c76fbc86741641520d583a73c8aaf72e123f9741caf1e98eb581ba0afcaed"}, {0xc}, {0xc}}}]}]}, 0xd8}, 0x1, 0x0, 0x0, 0x804}, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x400000000000041, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r5, &(0x7f0000000300)={0x0, 0x3f00, &(0x7f0000001200)={&(0x7f00000004c0)={0x38, 0x1403, 0x1, 0x70bd2d, 0x0, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0x38}, 0x1, 0x0, 0x0, 0x854}, 0x0) openat$audio(0xffffff9c, &(0x7f00000004c0), 0x800, 0x0) writev(0xffffffffffffffff, &(0x7f0000000180)=[{&(0x7f0000000040)="b8", 0x1}], 0x1) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fff7ffc}]}) close_range(r6, 0xffffffffffffffff, 0x0) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000100), 0x800, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000040)=0x14) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:33510' (ED25519) to the list of known hosts. [ 48.661364][ T5856] cgroup: Unknown subsys name 'net' [ 48.845743][ T5856] cgroup: Unknown subsys name 'cpuset' [ 48.853338][ T5856] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 50.044559][ T5856] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 53.786820][ T5300] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 53.791002][ T5300] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 53.794831][ T5300] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 53.797806][ T5300] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 53.801097][ T5300] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 53.805376][ T5946] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 53.808399][ T5946] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 53.811037][ T5946] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 53.820160][ T5946] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 53.821738][ T5952] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 53.825355][ T5952] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 53.825777][ T5946] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 53.831301][ T5955] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 53.832064][ T5300] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 53.835675][ T5955] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 53.840455][ T5300] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 53.840505][ T5955] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 53.846254][ T5955] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 53.846673][ T5300] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 53.850316][ T5955] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 54.134685][ T5954] chnl_net:caif_netlink_parms(): no params data found [ 54.165630][ T5944] chnl_net:caif_netlink_parms(): no params data found [ 54.224231][ T5949] chnl_net:caif_netlink_parms(): no params data found [ 54.255624][ T5954] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.259236][ T5954] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.264427][ T5954] bridge_slave_0: entered allmulticast mode [ 54.269459][ T5954] bridge_slave_0: entered promiscuous mode [ 54.274562][ T5953] chnl_net:caif_netlink_parms(): no params data found [ 54.355555][ T5954] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.357990][ T5954] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.360314][ T5954] bridge_slave_1: entered allmulticast mode [ 54.363244][ T5954] bridge_slave_1: entered promiscuous mode [ 54.400127][ T5954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.413713][ T5954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.445837][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.448891][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.452050][ T5944] bridge_slave_0: entered allmulticast mode [ 54.455894][ T5944] bridge_slave_0: entered promiscuous mode [ 54.494271][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.497392][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.500489][ T5944] bridge_slave_1: entered allmulticast mode [ 54.504740][ T5944] bridge_slave_1: entered promiscuous mode [ 54.547018][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.550070][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.553230][ T5949] bridge_slave_0: entered allmulticast mode [ 54.557070][ T5949] bridge_slave_0: entered promiscuous mode [ 54.562849][ T5954] team0: Port device team_slave_0 added [ 54.586170][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.590200][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.593235][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.596210][ T5949] bridge_slave_1: entered allmulticast mode [ 54.599112][ T5949] bridge_slave_1: entered promiscuous mode [ 54.603711][ T5954] team0: Port device team_slave_1 added [ 54.611819][ T5953] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.614136][ T5953] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.616424][ T5953] bridge_slave_0: entered allmulticast mode [ 54.619136][ T5953] bridge_slave_0: entered promiscuous mode [ 54.624701][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.654219][ T5953] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.656951][ T5953] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.659248][ T5953] bridge_slave_1: entered allmulticast mode [ 54.662506][ T5953] bridge_slave_1: entered promiscuous mode [ 54.675556][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.678982][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.681212][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.689253][ T5954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.700810][ T5944] team0: Port device team_slave_0 added [ 54.704748][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.708702][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.710930][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.718993][ T5954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.728728][ T5944] team0: Port device team_slave_1 added [ 54.737210][ T5953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.765907][ T5953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.777475][ T5949] team0: Port device team_slave_0 added [ 54.797085][ T5949] team0: Port device team_slave_1 added [ 54.800391][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.803453][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.814093][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.819885][ T5953] team0: Port device team_slave_0 added [ 54.828962][ T5953] team0: Port device team_slave_1 added [ 54.838546][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.841417][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.852248][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.867426][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.869630][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.877595][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.887084][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.889259][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.897239][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.920985][ T5954] hsr_slave_0: entered promiscuous mode [ 54.923861][ T5954] hsr_slave_1: entered promiscuous mode [ 54.929050][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.931995][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.942008][ T5953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.952333][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.955230][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 54.965333][ T5953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.992329][ T5949] hsr_slave_0: entered promiscuous mode [ 54.995542][ T5949] hsr_slave_1: entered promiscuous mode [ 54.999859][ T5949] debugfs: 'hsr0' already exists in 'hsr' [ 55.003348][ T5949] Cannot create hsr debugfs directory [ 55.031317][ T5944] hsr_slave_0: entered promiscuous mode [ 55.033669][ T5944] hsr_slave_1: entered promiscuous mode [ 55.035826][ T5944] debugfs: 'hsr0' already exists in 'hsr' [ 55.037849][ T5944] Cannot create hsr debugfs directory [ 55.088868][ T5953] hsr_slave_0: entered promiscuous mode [ 55.091201][ T5953] hsr_slave_1: entered promiscuous mode [ 55.094058][ T5953] debugfs: 'hsr0' already exists in 'hsr' [ 55.096145][ T5953] Cannot create hsr debugfs directory [ 55.366721][ T5954] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 55.377687][ T5954] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 55.385506][ T5954] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 55.397052][ T5954] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 55.457155][ T5944] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 55.464409][ T5944] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 55.469143][ T5944] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 55.473359][ T5944] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 55.515531][ T5949] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 55.521751][ T5949] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 55.525713][ T5949] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 55.529795][ T5949] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 55.576379][ T5953] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 55.583382][ T5953] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 55.587759][ T5953] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 55.592602][ T5953] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 55.628522][ T5954] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.647729][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.663840][ T5954] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.677704][ T1233] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.680145][ T1233] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.698357][ T5944] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.705217][ T1233] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.708276][ T1233] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.720553][ T1233] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.723552][ T1233] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.735171][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.743612][ T73] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.746618][ T73] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.776805][ T5949] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.784453][ T5953] 8021q: adding VLAN 0 to HW filter on device bond0 [ 55.797248][ T93] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.799621][ T93] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.813067][ T93] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.815362][ T93] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.823025][ T5953] 8021q: adding VLAN 0 to HW filter on device team0 [ 55.831206][ T93] bridge0: port 1(bridge_slave_0) entered blocking state [ 55.833514][ T93] bridge0: port 1(bridge_slave_0) entered forwarding state [ 55.849891][ T93] bridge0: port 2(bridge_slave_1) entered blocking state [ 55.852440][ T93] bridge0: port 2(bridge_slave_1) entered forwarding state [ 55.862071][ T5950] Bluetooth: hci3: command tx timeout [ 55.862230][ T64] Bluetooth: hci1: command tx timeout [ 55.864115][ T5955] Bluetooth: hci0: command tx timeout [ 55.953635][ T5955] Bluetooth: hci2: command tx timeout [ 55.976000][ T5954] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.001090][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.023492][ T5954] veth0_vlan: entered promiscuous mode [ 56.046589][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.055897][ T5953] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.060065][ T5954] veth1_vlan: entered promiscuous mode [ 56.074932][ T5944] veth0_vlan: entered promiscuous mode [ 56.089140][ T5944] veth1_vlan: entered promiscuous mode [ 56.112721][ T5954] veth0_macvtap: entered promiscuous mode [ 56.121542][ T5954] veth1_macvtap: entered promiscuous mode [ 56.127547][ T5953] veth0_vlan: entered promiscuous mode [ 56.141533][ T5953] veth1_vlan: entered promiscuous mode [ 56.149807][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.155350][ T5944] veth0_macvtap: entered promiscuous mode [ 56.162749][ T5944] veth1_macvtap: entered promiscuous mode [ 56.165716][ T5949] veth0_vlan: entered promiscuous mode [ 56.176042][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.188652][ T5949] veth1_vlan: entered promiscuous mode [ 56.192814][ T93] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.195767][ T93] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.201164][ T93] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.205605][ T93] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.219804][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.233917][ T5953] veth0_macvtap: entered promiscuous mode [ 56.238335][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.246828][ T5953] veth1_macvtap: entered promiscuous mode [ 56.259353][ T73] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.263699][ T73] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.270315][ T73] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.278082][ T73] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.283212][ T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.286015][ T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.293778][ T5949] veth0_macvtap: entered promiscuous mode [ 56.302768][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.307376][ T5949] veth1_macvtap: entered promiscuous mode [ 56.322835][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.343850][ T93] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.347224][ T93] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.347576][ T1140] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.356532][ T1140] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.359832][ T1140] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.361115][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.364068][ T1140] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.372631][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.380773][ T93] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.387326][ T93] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.398868][ T1007] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.402833][ T1007] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.410474][ T5954] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 56.412052][ T1007] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.419647][ T1007] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.425556][ T1007] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.428826][ T1007] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.475616][ T93] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.478155][ T93] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.514793][ T73] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.517270][ T73] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.546377][ T1140] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.549619][ T1140] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.563617][ T73] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.566126][ T73] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.831262][ T6038] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.834822][ T6038] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.922491][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.198332][ T6038] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 57.204506][ T6038] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 57.299964][ T12] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.332759][ T12] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.377684][ T12] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.382580][ T12] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 57.421891][ T6044] netlink: 12 bytes leftover after parsing attributes in process `syz.0.5'. [ 57.630998][ T6051] netlink: 12 bytes leftover after parsing attributes in process `syz.3.4'. [ 57.646279][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 57.646348][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.691969][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.694937][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.697811][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.700792][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.703886][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.707141][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.710109][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.942483][ T64] Bluetooth: hci3: command tx timeout [ 57.944910][ T5955] Bluetooth: hci0: command tx timeout [ 57.947328][ T64] Bluetooth: hci1: command tx timeout [ 58.021764][ T64] Bluetooth: hci2: command tx timeout [ 58.690895][ T6055] bridge0: port 2(bridge_slave_1) entered disabled state [ 58.693580][ T6055] bridge0: port 1(bridge_slave_0) entered disabled state [ 58.745585][ T6055] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 58.750802][ T6055] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 58.848452][ T12] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.861768][ T12] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.866817][ T12] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 58.869745][ T12] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 59.265166][ T6064] netlink: 12 bytes leftover after parsing attributes in process `syz.0.7'. [ 59.839468][ T6070] netlink: 12 bytes leftover after parsing attributes in process `syz.2.8'. [ 60.022285][ T5955] Bluetooth: hci3: command tx timeout [ 60.024238][ T64] Bluetooth: hci0: command tx timeout [ 60.025966][ T5950] Bluetooth: hci1: command tx timeout [ 60.101836][ T5950] Bluetooth: hci2: command tx timeout [ 60.255140][ T6072] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.257687][ T6072] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.420160][ T6072] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 60.426690][ T6072] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 60.956434][ T6078] netlink: 12 bytes leftover after parsing attributes in process `syz.1.9'. [ 61.269060][ T6085] netlink: 12 bytes leftover after parsing attributes in process `syz.0.10'. [ 62.112205][ T5950] Bluetooth: hci1: command tx timeout [ 62.112524][ T5955] Bluetooth: hci3: command tx timeout [ 62.116069][ T64] Bluetooth: hci0: command tx timeout [ 62.191840][ T64] Bluetooth: hci2: command tx timeout [ 62.312422][ T6079] bridge0: port 2(bridge_slave_1) entered disabled state [ 62.314976][ T6079] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.371223][ T6079] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 62.383052][ T6079] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 62.589368][ T12] netdevsim netdevsim2 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.601929][ T12] netdevsim netdevsim2 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.623937][ T12] netdevsim netdevsim2 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.627836][ T12] netdevsim netdevsim2 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.633401][ T12] netdevsim netdevsim1 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.637124][ T12] netdevsim netdevsim1 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.655280][ T1233] netdevsim netdevsim1 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 62.659013][ T1233] netdevsim netdevsim1 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 63.439609][ T6110] netlink: 12 bytes leftover after parsing attributes in process `syz.3.15'. [ 64.519095][ T6114] ======================================================= [ 64.519095][ T6114] WARNING: The mand mount option has been deprecated and [ 64.519095][ T6114] and is ignored by this kernel. Remove the mand [ 64.519095][ T6114] option from the mount to silence this warning. [ 64.519095][ T6114] ======================================================= [ 64.543231][ T6114] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 64.588619][ T6114] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 64.598005][ T6114] overlayfs: failed to look up (tracing) for ino (-66) [ 66.040622][ T6121] netlink: 12 bytes leftover after parsing attributes in process `syz.1.19'. [ 66.663495][ T6130] netlink: 12 bytes leftover after parsing attributes in process `syz.0.20'. [ 67.212361][ T6135] netlink: 12 bytes leftover after parsing attributes in process `syz.1.21'. [ 67.242250][ T6137] netlink: 12 bytes leftover after parsing attributes in process `syz.2.22'. [ 68.511181][ T6149] netlink: 12 bytes leftover after parsing attributes in process `syz.0.24'. [ 69.649950][ T6168] netlink: zone id is out of range [ 69.651884][ T6168] netlink: zone id is out of range [ 69.653548][ T6168] netlink: zone id is out of range [ 69.655537][ T6168] netlink: del zone limit has 8 unknown bytes [ 69.660558][ T6168] netlink: 212408 bytes leftover after parsing attributes in process `syz.3.27'. [ 70.086399][ T6177] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 70.232668][ T6177] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 70.236047][ T6177] overlayfs: failed to look up (tracing) for ino (-66) [ 71.067485][ T6185] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 71.109145][ T6185] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 71.117512][ T6185] overlayfs: failed to look up (tracing) for ino (-66) [ 72.108878][ T6199] faux_driver vkms: [drm] Unknown color mode 9; guessing buffer size. [ 75.551945][ T6228] netlink: 4 bytes leftover after parsing attributes in process `syz.0.36'. [ 75.581684][ T6228] hsr_slave_0: left promiscuous mode [ 75.592015][ T6228] hsr_slave_1: left promiscuous mode [ 75.947025][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 75.949505][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.785640][ T6238] warning: `syz.1.39' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 76.792230][ T6238] bridge_slave_0: left allmulticast mode [ 76.794169][ T6238] bridge_slave_0: left promiscuous mode [ 76.796118][ T6238] bridge0: port 1(bridge_slave_0) entered disabled state [ 76.800355][ T6238] bridge_slave_1: left allmulticast mode [ 76.802657][ T6238] bridge_slave_1: left promiscuous mode [ 76.804862][ T6238] bridge0: port 2(bridge_slave_1) entered disabled state [ 76.811385][ T6238] bond0: (slave bond_slave_0): Releasing backup interface [ 76.819420][ T6238] bond0: (slave bond_slave_1): Releasing backup interface [ 76.824775][ T6238] team0: Port device team_slave_0 removed [ 76.829357][ T6238] team0: Port device team_slave_1 removed [ 76.833315][ T6238] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 76.837184][ T6238] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 76.840873][ T6238] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 76.961861][ T6242] netlink: 12 bytes leftover after parsing attributes in process `syz.1.40'. [ 77.640276][ T6240] netlink: zone id is out of range [ 77.642220][ T6240] netlink: zone id is out of range [ 77.643865][ T6240] netlink: zone id is out of range [ 77.645492][ T6240] netlink: del zone limit has 8 unknown bytes [ 77.649350][ T6240] netlink: 212408 bytes leftover after parsing attributes in process `syz.2.38'. [ 79.003385][ T6255] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 81.869694][ T6279] netlink: 12 bytes leftover after parsing attributes in process `syz.3.48'. [ 83.423557][ T6297] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 83.519068][ T6299] netlink: 12 bytes leftover after parsing attributes in process `syz.3.54'. [ 84.744338][ T6310] netlink: 12 bytes leftover after parsing attributes in process `syz.1.56'. [ 85.983543][ T6323] lo speed is unknown, defaulting to 1000 [ 85.985813][ T6323] lo speed is unknown, defaulting to 1000 [ 85.992312][ T6323] lo speed is unknown, defaulting to 1000 [ 86.002820][ T6323] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 86.019212][ T6323] infiniband syz0: RDMA CMA: cma_listen_on_dev, error -98 [ 86.093609][ T6323] lo speed is unknown, defaulting to 1000 [ 86.099087][ T6323] lo speed is unknown, defaulting to 1000 [ 86.104605][ T6323] lo speed is unknown, defaulting to 1000 [ 86.109890][ T6323] lo speed is unknown, defaulting to 1000 [ 86.311367][ T29] cfg80211: failed to load regulatory.db [ 86.383177][ T6326] netlink: 12 bytes leftover after parsing attributes in process `syz.2.61'. [ 87.446500][ T6332] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 87.521895][ T6332] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 87.525244][ T6332] overlayfs: failed to look up (tracing) for ino (-66) [ 88.668745][ T6342] netlink: zone id is out of range [ 88.670498][ T6342] netlink: del zone limit has 8 unknown bytes [ 88.674168][ T6342] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.64'. [ 89.195102][ T6347] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 89.511416][ T6349] netlink: 12 bytes leftover after parsing attributes in process `syz.3.66'. [ 90.814708][ T6357] netlink: 12 bytes leftover after parsing attributes in process `syz.1.68'. [ 94.427006][ T6382] siw: device registration error -23 [ 94.511683][ T6387] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 94.585550][ T6387] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 94.589675][ T6387] overlayfs: failed to look up (tracing) for ino (-66) [ 96.836748][ T6402] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 97.553872][ T6399] siw: device registration error -23 [ 97.681020][ T6404] netlink: 12 bytes leftover after parsing attributes in process `syz.0.79'. [ 99.251018][ T6421] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 99.259361][ T6423] netlink: 12 bytes leftover after parsing attributes in process `syz.0.83'. [ 99.342139][ T6425] siw: device registration error -23 [ 100.300309][ T6439] netlink: 12 bytes leftover after parsing attributes in process `syz.0.86'. [ 100.360163][ T6440] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 100.521414][ T6440] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 100.524927][ T6440] overlayfs: failed to look up (tracing) for ino (-66) [ 100.671917][ T6443] 9pnet_virtio: no channels available for device syz [ 101.762640][ T6447] netlink: 12 bytes leftover after parsing attributes in process `syz.3.88'. [ 102.508080][ T6454] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 103.524760][ T6458] bridge_slave_0: left allmulticast mode [ 103.527250][ T6458] bridge_slave_0: left promiscuous mode [ 103.529832][ T6458] bridge0: port 1(bridge_slave_0) entered disabled state [ 103.621390][ T6458] bridge_slave_1: left allmulticast mode [ 103.623930][ T6458] bridge_slave_1: left promiscuous mode [ 103.626543][ T6458] bridge0: port 2(bridge_slave_1) entered disabled state [ 103.674558][ T6458] bond0: (slave bond_slave_0): Releasing backup interface [ 103.680110][ T6458] bond0: (slave bond_slave_1): Releasing backup interface [ 103.686044][ T6458] team0: Port device team_slave_0 removed [ 103.688888][ T6458] team0: Port device team_slave_1 removed [ 103.691242][ T6458] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 103.694606][ T6458] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 103.952734][ T6469] netlink: 12 bytes leftover after parsing attributes in process `syz.0.94'. [ 105.891214][ T6481] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.96'. [ 106.750670][ T6476] siw: device registration error -23 [ 107.032884][ T6489] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 107.132888][ T6489] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 107.136201][ T6489] overlayfs: failed to look up (tracing) for ino (-66) [ 107.356641][ T6494] netlink: 12 bytes leftover after parsing attributes in process `syz.1.100'. [ 107.811286][ T6496] siw: device registration error -23 [ 109.342068][ T6508] bridge_slave_0: left allmulticast mode [ 109.343907][ T6508] bridge_slave_0: left promiscuous mode [ 109.345785][ T6508] bridge0: port 1(bridge_slave_0) entered disabled state [ 109.349375][ T6508] bridge_slave_1: left allmulticast mode [ 109.351198][ T6508] bridge_slave_1: left promiscuous mode [ 109.353300][ T6508] bridge0: port 2(bridge_slave_1) entered disabled state [ 109.357856][ T6508] bond0: (slave bond_slave_0): Releasing backup interface [ 109.360925][ T6508] bond0: (slave bond_slave_1): Releasing backup interface [ 109.364581][ T6508] team0: Port device team_slave_0 removed [ 109.367194][ T6508] team0: Port device team_slave_1 removed [ 109.369149][ T6508] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 109.371793][ T6508] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 109.374856][ T6508] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 109.390161][ T6508] netlink: 'syz.3.103': attribute type 10 has an invalid length. [ 109.394443][ T6508] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 109.477513][ T6510] netlink: 12 bytes leftover after parsing attributes in process `syz.1.102'. [ 111.078152][ T6527] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.105'. [ 111.658400][ T6519] siw: device registration error -23 [ 111.659140][ T6526] siw: device registration error -23 [ 111.798060][ T6531] netlink: 12 bytes leftover after parsing attributes in process `syz.0.108'. [ 112.015454][ T6535] netlink: 12 bytes leftover after parsing attributes in process `syz.1.109'. [ 113.409867][ T6547] siw: device registration error -23 [ 116.104139][ T6557] netlink: 12 bytes leftover after parsing attributes in process `syz.2.114'. [ 116.945957][ T6565] netlink: 12 bytes leftover after parsing attributes in process `syz.2.116'. [ 117.037939][ T6567] overlayfs: missing 'lowerdir' [ 117.895119][ T6574] input: syz1 as /devices/virtual/input/input5 [ 118.262396][ T6579] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 118.270250][ T6579] netlink: 'syz.1.120': attribute type 10 has an invalid length. [ 118.276927][ T6579] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 118.405204][ T6586] netlink: 12 bytes leftover after parsing attributes in process `syz.1.122'. [ 118.465297][ T6581] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.118'. [ 118.484652][ T6588] netlink: 12 bytes leftover after parsing attributes in process `syz.3.119'. [ 120.335623][ T6603] overlayfs: overlapping lowerdir path [ 120.415547][ T6604] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 120.419188][ T6604] overlayfs: overlapping lowerdir path [ 120.684842][ T6608] overlayfs: overlapping lowerdir path [ 121.038084][ T6607] siw: device registration error -23 [ 121.042978][ T6608] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 121.047551][ T6608] overlayfs: overlapping lowerdir path [ 121.810538][ T6617] overlayfs: missing 'lowerdir' [ 125.559631][ T6637] netlink: 12 bytes leftover after parsing attributes in process `syz.0.132'. [ 127.272419][ T6652] netlink: 12 bytes leftover after parsing attributes in process `syz.0.135'. [ 127.355237][ T6650] netlink: zone id is out of range [ 127.356931][ T6650] netlink: zone id is out of range [ 127.358694][ T6650] netlink: zone id is out of range [ 127.360379][ T6650] netlink: del zone limit has 8 unknown bytes [ 127.763621][ T6659] siw: device registration error -23 [ 128.540523][ T6676] siw: device registration error -23 [ 128.914704][ T6689] siw: device registration error -23 [ 129.529756][ T6699] overlayfs: overlapping lowerdir path [ 129.543890][ T6699] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 129.546622][ T6699] overlayfs: overlapping lowerdir path [ 129.647224][ T6701] overlayfs: overlapping lowerdir path [ 129.656870][ T6701] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 129.659519][ T6701] overlayfs: overlapping lowerdir path [ 131.767738][ T6723] netlink: 12 bytes leftover after parsing attributes in process `syz.0.145'. [ 132.394076][ T6731] overlay: Unknown parameter '/' [ 132.880094][ T6734] netlink: 12 bytes leftover after parsing attributes in process `syz.3.148'. [ 133.740145][ T6744] overlayfs: overlapping lowerdir path [ 133.827589][ T6745] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 133.831456][ T6745] overlayfs: overlapping lowerdir path [ 134.246727][ T6735] siw: device registration error -23 [ 134.652187][ T6757] siw: device registration error -23 [ 134.936629][ T6756] xt_bpf: check failed: parse error [ 136.790432][ T6774] 9pnet_virtio: no channels available for device syz [ 136.802186][ T6774] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 136.917170][ T6774] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 136.920598][ T6774] overlayfs: failed to look up (tracing) for ino (-66) [ 137.390253][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 137.392322][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 137.649949][ T6769] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 137.667844][ T6769] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 137.869029][ T6769] overlayfs: failed to look up (tracing) for ino (-66) [ 138.358234][ T6780] 9pnet_virtio: no channels available for device syz [ 138.366939][ T6780] overlay: Unknown parameter '/' [ 139.268497][ T6787] siw: device registration error -23 [ 140.971785][ T6800] netlink: 12 bytes leftover after parsing attributes in process `syz.3.163'. [ 141.560932][ T6810] siw: device registration error -23 [ 141.726260][ T6808] xt_bpf: check failed: parse error [ 142.172709][ T6814] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 142.255665][ T6814] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 142.260063][ T6814] overlayfs: failed to look up (tracing) for ino (-66) [ 142.349817][ T6817] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 142.363721][ T6817] netlink: 'syz.1.167': attribute type 10 has an invalid length. [ 142.624088][ T6826] netlink: 4 bytes leftover after parsing attributes in process `syz.3.166'. [ 142.644489][ T6826] hsr_slave_0: left promiscuous mode [ 142.668876][ T6826] hsr_slave_1: left promiscuous mode [ 144.252500][ T6844] overlayfs: overlapping lowerdir path [ 144.311240][ T6845] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 144.313968][ T6845] overlayfs: overlapping lowerdir path [ 146.829339][ T6861] xt_bpf: check failed: parse error [ 146.831253][ T6863] netlink: 12 bytes leftover after parsing attributes in process `syz.2.176'. [ 147.738928][ T6868] netlink: 12 bytes leftover after parsing attributes in process `syz.2.177'. [ 148.486464][ T6881] netlink: 12 bytes leftover after parsing attributes in process `syz.1.179'. [ 149.073820][ T6893] netlink: 12 bytes leftover after parsing attributes in process `syz.2.180'. [ 150.483875][ T6899] netlink: 12 bytes leftover after parsing attributes in process `syz.1.181'. [ 150.859225][ T6916] overlayfs: overlapping lowerdir path [ 150.921867][ T6917] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 150.924541][ T6917] overlayfs: overlapping lowerdir path [ 152.044828][ T6937] overlayfs: overlapping lowerdir path [ 152.108159][ T6938] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 152.110975][ T6938] overlayfs: overlapping lowerdir path [ 152.624747][ T6942] xt_bpf: check failed: parse error [ 152.859832][ T6945] netlink: 12 bytes leftover after parsing attributes in process `syz.2.187'. [ 153.151921][ T6956] netlink: 12 bytes leftover after parsing attributes in process `syz.3.189'. [ 154.052346][ T6965] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 154.072612][ T6965] netlink: 'syz.1.191': attribute type 10 has an invalid length. [ 154.309386][ T6972] netlink: 12 bytes leftover after parsing attributes in process `syz.0.193'. [ 154.525023][ T6967] overlayfs: overlapping lowerdir path [ 154.587083][ T6967] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 154.591457][ T6967] overlayfs: overlapping lowerdir path [ 155.407129][ T6983] netlink: 12 bytes leftover after parsing attributes in process `syz.0.195'. [ 156.806640][ T6990] siw: device registration error -23 [ 157.897001][ T6998] netlink: 4 bytes leftover after parsing attributes in process `syz.1.198'. [ 157.901030][ T6998] hsr_slave_0: left promiscuous mode [ 157.911126][ T6998] hsr_slave_1: left promiscuous mode [ 158.274886][ T7006] netlink: 12 bytes leftover after parsing attributes in process `syz.3.201'. [ 158.942673][ T7013] netlink: 12 bytes leftover after parsing attributes in process `syz.2.204'. [ 159.490084][ T7018] siw: device registration error -23 [ 160.567753][ T7042] netlink: 12 bytes leftover after parsing attributes in process `syz.1.206'. [ 160.700908][ T7040] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.205'. [ 160.891692][ T7017] siw: device registration error -23 [ 161.007432][ T7047] netlink: 12 bytes leftover after parsing attributes in process `syz.0.207'. [ 162.182655][ T7074] xt_bpf: check failed: parse error [ 162.228484][ T7076] netlink: 12 bytes leftover after parsing attributes in process `syz.1.211'. [ 162.689574][ T7084] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 162.908260][ T7084] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 162.928147][ T7084] overlayfs: failed to look up (tracing) for ino (-66) [ 163.278946][ T7088] netlink: 12 bytes leftover after parsing attributes in process `syz.3.213'. [ 163.310238][ T7090] netlink: 12 bytes leftover after parsing attributes in process `syz.1.214'. [ 163.394476][ T7092] netlink: 12 bytes leftover after parsing attributes in process `syz.0.215'. [ 164.683095][ T7107] netlink: 12 bytes leftover after parsing attributes in process `syz.3.218'. [ 165.204842][ T7116] siw: device registration error -23 [ 166.410428][ T7140] netlink: zone id is out of range [ 166.412687][ T7140] netlink: zone id is out of range [ 166.414509][ T7140] netlink: zone id is out of range [ 166.416441][ T7140] netlink: del zone limit has 8 unknown bytes [ 166.421013][ T7140] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.216'. [ 166.900761][ T7138] siw: device registration error -23 [ 166.990683][ T7146] netlink: 12 bytes leftover after parsing attributes in process `syz.1.223'. [ 167.257142][ T7153] netlink: 12 bytes leftover after parsing attributes in process `syz.0.224'. [ 167.364406][ T7157] netlink: 12 bytes leftover after parsing attributes in process `syz.2.225'. [ 168.786895][ T7179] netlink: 12 bytes leftover after parsing attributes in process `syz.2.228'. [ 169.399709][ T7183] siw: device registration error -23 [ 169.825533][ T7192] netlink: 12 bytes leftover after parsing attributes in process `syz.0.230'. [ 169.860895][ T7195] netlink: 12 bytes leftover after parsing attributes in process `syz.1.231'. [ 171.317144][ T7210] netlink: 12 bytes leftover after parsing attributes in process `syz.2.232'. [ 172.299085][ T7222] netlink: 12 bytes leftover after parsing attributes in process `syz.2.235'. [ 172.833325][ T7220] siw: device registration error -23 [ 174.133528][ T7250] siw: device registration error -23 [ 174.170502][ T7250] debugfs: 'ptm0' already exists in 'caif_serial' [ 176.299357][ T7277] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 176.735256][ T7277] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 176.763724][ T7277] overlayfs: failed to look up (tracing) for ino (-66) [ 177.308535][ T7286] siw: device registration error -23 [ 178.349148][ T7314] 9pnet_virtio: no channels available for device syz [ 178.421204][ T7316] overlayfs: overlapping lowerdir path [ 178.428365][ T7316] overlayfs: "xino=on" is useless with all layers on same fs, ignore. [ 178.431156][ T7316] overlayfs: overlapping lowerdir path [ 179.183381][ T7321] netlink: 12 bytes leftover after parsing attributes in process `syz.1.246'. [ 180.353381][ T7333] siw: device registration error -23 [ 180.431713][ T5946] Bluetooth: hci3: command 0x0406 tx timeout [ 180.431751][ T5958] Bluetooth: hci2: command 0x0406 tx timeout [ 180.433731][ T5946] Bluetooth: hci1: command 0x0406 tx timeout [ 180.440850][ T5946] Bluetooth: hci0: command 0x0406 tx timeout [ 181.198646][ T7338] netlink: 12 bytes leftover after parsing attributes in process `syz.0.248'. [ 183.081996][ T7366] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.252'. [ 184.048524][ T7382] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 184.145481][ T7382] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 184.149989][ T7382] overlayfs: failed to look up (tracing) for ino (-66) [ 184.484918][ T7371] siw: device registration error -23 [ 184.499610][ T7385] netlink: 12 bytes leftover after parsing attributes in process `syz.3.255'. [ 185.653132][ T7401] netlink: 12 bytes leftover after parsing attributes in process `syz.0.257'. [ 186.886112][ T7416] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 186.896092][ T7416] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 186.899232][ T7416] overlayfs: failed to look up (tracing) for ino (-66) [ 187.026080][ T7418] siw: device registration error -23 [ 188.876062][ T7449] netlink: 12 bytes leftover after parsing attributes in process `syz.1.263'. [ 191.271952][ T7473] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 191.344665][ T7473] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 191.349471][ T7473] overlayfs: failed to look up (tracing) for ino (-66) [ 192.308222][ T7480] siw: device registration error -23 [ 193.104074][ T7490] netlink: 12 bytes leftover after parsing attributes in process `syz.2.268'. [ 193.735639][ T7497] netlink: 12 bytes leftover after parsing attributes in process `syz.1.270'. [ 195.217702][ T7510] netlink: 12 bytes leftover after parsing attributes in process `syz.3.271'. [ 195.810407][ T7515] netlink: 12 bytes leftover after parsing attributes in process `syz.1.272'. [ 196.411971][ T7523] siw: device registration error -23 [ 196.456123][ T7524] netlink: 12 bytes leftover after parsing attributes in process `syz.3.274'. [ 197.200633][ T7541] siw: device registration error -23 [ 197.368529][ T7543] netlink: 12 bytes leftover after parsing attributes in process `syz.1.276'. [ 197.854159][ T7561] netlink: 12 bytes leftover after parsing attributes in process `syz.2.277'. [ 198.835887][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 198.851748][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 198.995735][ T7586] netlink: 12 bytes leftover after parsing attributes in process `syz.3.281'. [ 199.035669][ T7589] netlink: 12 bytes leftover after parsing attributes in process `syz.1.280'. [ 199.868380][ T7596] netlink: 12 bytes leftover after parsing attributes in process `syz.2.282'. [ 201.218747][ T7610] netlink: 12 bytes leftover after parsing attributes in process `syz.2.285'. [ 201.594629][ T7615] netlink: 24 bytes leftover after parsing attributes in process `syz.1.286'. [ 202.475674][ T7619] netlink: 12 bytes leftover after parsing attributes in process `syz.2.287'. [ 203.550067][ T7624] siw: device registration error -23 [ 204.028941][ T7640] debugfs: 'ptm0' already exists in 'caif_serial' [ 204.065155][ T7645] netlink: 12 bytes leftover after parsing attributes in process `syz.1.291'. [ 204.447908][ T7647] siw: device registration error -23 [ 205.817240][ T7686] siw: device registration error -23 [ 206.195071][ T7689] netlink: 12 bytes leftover after parsing attributes in process `syz.0.296'. [ 206.683184][ T7705] bridge_slave_0: left allmulticast mode [ 206.685642][ T7705] bridge_slave_0: left promiscuous mode [ 206.688176][ T7705] bridge0: port 1(bridge_slave_0) entered disabled state [ 206.706984][ T7705] bridge_slave_1: left allmulticast mode [ 206.709413][ T7705] bridge_slave_1: left promiscuous mode [ 206.713108][ T7705] bridge0: port 2(bridge_slave_1) entered disabled state [ 206.719695][ T7705] bond0: (slave bond_slave_0): Releasing backup interface [ 206.725553][ T7705] bond0: (slave bond_slave_1): Releasing backup interface [ 206.731037][ T7705] team0: Port device team_slave_0 removed [ 206.734379][ T7712] netlink: 'syz.2.297': attribute type 10 has an invalid length. [ 206.737514][ T7705] team0: Port device team_slave_1 removed [ 206.740224][ T7705] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 206.746715][ T7705] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 206.750958][ T7705] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 206.783278][ T7712] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 206.857506][ T7719] netlink: 12 bytes leftover after parsing attributes in process `syz.2.298'. [ 208.296021][ T7743] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 208.464605][ T7743] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 208.469005][ T7743] overlayfs: failed to look up (tracing) for ino (-66) [ 208.562927][ T7746] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 208.570537][ T7746] netlink: 'syz.2.301': attribute type 10 has an invalid length. [ 208.842997][ T7741] siw: device registration error -23 [ 208.928416][ T7752] siw: device registration error -23 [ 209.440334][ T7768] bond0: (slave wlan1): Releasing backup interface [ 209.448292][ T7768] netlink: 'syz.3.303': attribute type 10 has an invalid length. [ 209.453875][ T7768] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 209.575576][ T7778] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 210.758004][ T7778] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 210.762934][ T7778] overlayfs: failed to look up (tracing) for ino (-66) [ 210.988074][ T7793] overlayfs: missing 'lowerdir' [ 211.042232][ T7793] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 211.566190][ T7793] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 211.569527][ T7793] overlayfs: failed to look up (tracing) for ino (-66) [ 212.349256][ T7800] siw: device registration error -23 [ 212.351819][ T7801] siw: device registration error -23 [ 212.662055][ T7805] siw: device registration error -23 [ 212.905950][ T7803] debugfs: 'ptm0' already exists in 'caif_serial' [ 213.465709][ T7820] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.310'. [ 214.060204][ T7818] siw: device registration error -23 [ 214.598707][ T7831] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 214.642483][ T7831] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 214.645692][ T7831] overlayfs: failed to look up (tracing) for ino (-66) [ 215.416417][ T7848] siw: device registration error -23 [ 216.476404][ T7869] netlink: 12 bytes leftover after parsing attributes in process `syz.1.316'. [ 217.588129][ T7871] netlink: 'syz.0.317': attribute type 10 has an invalid length. [ 217.592995][ T7871] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 217.663974][ T7881] netlink: 12 bytes leftover after parsing attributes in process `syz.0.318'. [ 218.257936][ T7899] netlink: 12 bytes leftover after parsing attributes in process `syz.2.320'. [ 219.304448][ T7908] netlink: 212368 bytes leftover after parsing attributes in process `syz.3.322'. [ 219.349040][ T7912] netlink: 12 bytes leftover after parsing attributes in process `syz.2.323'. [ 220.898875][ T7949] bond0: (slave wlan1): Releasing backup interface [ 220.906623][ T7949] netlink: 'syz.3.325': attribute type 10 has an invalid length. [ 220.910977][ T7949] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 221.240351][ T7959] netlink: 12 bytes leftover after parsing attributes in process `syz.1.329'. [ 221.471987][ T34] usb 5-1: new full-speed USB device number 2 using dummy_hcd [ 221.643676][ T34] usb 5-1: config 0 interface 0 altsetting 251 endpoint 0x9 has invalid wMaxPacketSize 0 [ 221.646779][ T34] usb 5-1: config 0 interface 0 has no altsetting 0 [ 222.075764][ T34] usb 5-1: New USB device found, idVendor=045e, idProduct=0283, bcdDevice=99.0b [ 222.079280][ T34] usb 5-1: New USB device strings: Mfr=1, Product=228, SerialNumber=2 [ 222.081940][ T34] usb 5-1: Product: syz [ 222.083289][ T34] usb 5-1: Manufacturer: syz [ 222.084791][ T34] usb 5-1: SerialNumber: syz [ 222.092998][ T34] usb 5-1: config 0 descriptor?? [ 222.102237][ T34] usb 5-1: selecting invalid altsetting 0 [ 222.302650][ T7972] netlink: 12 bytes leftover after parsing attributes in process `syz.1.331'. [ 222.514677][ T7976] netlink: 12 bytes leftover after parsing attributes in process `syz.3.330'. [ 224.160969][ T7992] netlink: 12 bytes leftover after parsing attributes in process `syz.1.332'. [ 224.533282][ T34] usb 5-1: USB disconnect, device number 2 [ 224.756809][ T7999] netlink: 12 bytes leftover after parsing attributes in process `syz.3.334'. [ 225.766540][ T8009] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.335'. [ 226.142637][ T8024] siw: device registration error -23 [ 226.907983][ T8035] netlink: 12 bytes leftover after parsing attributes in process `syz.2.338'. [ 228.346549][ T8086] netlink: 12 bytes leftover after parsing attributes in process `syz.2.342'. [ 228.560193][ T8097] netlink: 12 bytes leftover after parsing attributes in process `syz.0.343'. [ 228.716334][ T8102] debugfs: 'ptm0' already exists in 'caif_serial' [ 228.879273][ T8100] bond0: (slave wlan1): Releasing backup interface [ 228.885588][ T8100] netlink: 'syz.3.344': attribute type 10 has an invalid length. [ 228.889367][ T8100] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 228.957251][ T8116] netlink: 12 bytes leftover after parsing attributes in process `syz.3.345'. [ 230.490894][ T8158] siw: device registration error -23 [ 230.798784][ T8170] xt_bpf: check failed: parse error [ 231.326216][ T8175] netlink: del zone limit has 8 unknown bytes [ 231.329911][ T8175] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.349'. [ 231.704398][ T8183] netlink: 12 bytes leftover after parsing attributes in process `syz.3.350'. [ 233.301441][ T8201] overlay: Unknown parameter '/' [ 233.536245][ T8207] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 233.555338][ T8201] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 233.558528][ T8201] overlayfs: failed to look up (tracing) for ino (-66) [ 234.146303][ T8220] netlink: 12 bytes leftover after parsing attributes in process `syz.1.356'. [ 234.663242][ T8233] bond0: (slave wlan1): Releasing backup interface [ 234.673724][ T8233] netlink: 'syz.3.357': attribute type 10 has an invalid length. [ 234.677542][ T8233] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 234.752582][ T8242] netlink: 12 bytes leftover after parsing attributes in process `syz.3.358'. [ 235.169466][ T8249] netlink: 12 bytes leftover after parsing attributes in process `syz.2.360'. [ 236.647512][ T8271] siw: device registration error -23 [ 236.833823][ T8272] siw: device registration error -23 [ 237.146101][ T8275] Zero length message leads to an empty skb [ 237.276975][ T8282] debugfs: 'ptm0' already exists in 'caif_serial' [ 237.645148][ T8296] overlay: Unknown parameter '/' [ 237.713270][ T8297] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 237.722864][ T8296] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 237.726028][ T8296] overlayfs: failed to look up (tracing) for ino (-66) [ 239.573629][ T8320] netlink: 12 bytes leftover after parsing attributes in process `syz.3.370'. [ 244.146040][ T8371] netlink: 12 bytes leftover after parsing attributes in process `syz.2.380'. [ 244.480464][ T8386] netlink: 12 bytes leftover after parsing attributes in process `syz.0.381'. [ 248.851107][ T8419] netlink: zone id is out of range [ 248.853029][ T8419] netlink: del zone limit has 8 unknown bytes [ 248.856595][ T8419] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.387'. [ 253.964220][ T8493] netlink: zone id is out of range [ 253.966032][ T8493] netlink: del zone limit has 8 unknown bytes [ 253.969911][ T8493] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.398'. [ 254.556440][ T8496] netlink: 12 bytes leftover after parsing attributes in process `syz.2.399'. [ 258.255638][ T8555] bond0: (slave wlan1): Releasing backup interface [ 258.343273][ T8555] netlink: 'syz.0.407': attribute type 10 has an invalid length. [ 258.380706][ T8555] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 260.277467][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 260.350377][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 264.155585][ T8606] bond0: (slave wlan1): Releasing backup interface [ 264.160906][ T8606] netlink: 'syz.3.418': attribute type 10 has an invalid length. [ 264.164890][ T8606] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 266.804497][ T8635] bond0: (slave wlan1): Releasing backup interface [ 266.848315][ T8635] netlink: 'syz.3.423': attribute type 10 has an invalid length. [ 266.868950][ T8635] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 267.777448][ T8655] bond0: (slave wlan1): Releasing backup interface [ 267.785103][ T8655] netlink: 'syz.0.428': attribute type 10 has an invalid length. [ 267.790975][ T8655] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 268.094208][ T8660] siw: device registration error -23 [ 271.308020][ T8729] siw: device registration error -23 [ 273.396887][ T8763] siw: device registration error -23 [ 273.413237][ T8759] debugfs: 'ptm0' already exists in 'caif_serial' [ 274.916334][ T8804] netlink: 12 bytes leftover after parsing attributes in process `syz.3.448'. [ 276.515373][ T8817] bond0: (slave wlan1): Releasing backup interface [ 278.871163][ T8872] netlink: zone id is out of range [ 278.873332][ T8872] netlink: del zone limit has 8 unknown bytes [ 278.877206][ T8872] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.457'. [ 279.437302][ T8876] siw: device registration error -23 [ 279.589476][ T8879] netlink: 12 bytes leftover after parsing attributes in process `syz.0.459'. [ 281.600410][ T8910] siw: device registration error -23 [ 282.014576][ T8909] siw: device registration error -23 [ 282.268670][ T8904] debugfs: 'ptm0' already exists in 'caif_serial' [ 283.436709][ T8953] siw: device registration error -23 [ 283.775890][ T8961] netlink: 12 bytes leftover after parsing attributes in process `syz.0.471'. [ 284.741500][ T8982] netlink: zone id is out of range [ 284.743709][ T8982] netlink: del zone limit has 8 unknown bytes [ 284.747845][ T8982] netlink: 212368 bytes leftover after parsing attributes in process `syz.1.470'. [ 286.488271][ T9016] netlink: 36 bytes leftover after parsing attributes in process `syz.0.476'. [ 287.010074][ T9021] overlay: Unknown parameter '/' [ 287.326506][ T9024] bond0: (slave wlan1): Releasing backup interface [ 287.343333][ T9024] netlink: 'syz.0.479': attribute type 10 has an invalid length. [ 287.353414][ T9024] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 287.625333][ T9028] netlink: 12 bytes leftover after parsing attributes in process `syz.0.480'. [ 291.797609][ T9064] siw: device registration error -23 [ 292.134130][ T9080] netlink: 12 bytes leftover after parsing attributes in process `syz.0.490'. [ 292.225943][ T9082] netlink: 36 bytes leftover after parsing attributes in process `syz.1.489'. [ 293.204309][ T9094] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 293.212964][ T9094] netlink: 'syz.2.492': attribute type 10 has an invalid length. [ 294.022793][ T9116] overlay: Unknown parameter '/' [ 295.021211][ T9123] siw: device registration error -23 [ 295.829776][ T9144] overlay: Unknown parameter '/' [ 296.876493][ T9147] netlink: 12 bytes leftover after parsing attributes in process `syz.3.502'. [ 298.909679][ T9165] netlink: 12 bytes leftover after parsing attributes in process `syz.1.504'. [ 299.152647][ T9168] siw: device registration error -23 [ 299.984082][ T9196] siw: device registration error -23 [ 300.517901][ T9201] siw: device registration error -23 [ 301.244682][ T9211] siw: device registration error -23 [ 301.253776][ T9211] debugfs: 'ptm0' already exists in 'caif_serial' [ 301.275765][ T9217] overlay: Unknown parameter '/' [ 301.281666][ T9206] siw: device registration error -23 [ 301.555144][ T9231] netlink: 36 bytes leftover after parsing attributes in process `syz.1.514'. [ 301.621225][ T9234] netlink: 36 bytes leftover after parsing attributes in process `syz.2.515'. [ 302.696870][ T9251] siw: device registration error -23 [ 303.722178][ T9265] netlink: 36 bytes leftover after parsing attributes in process `syz.2.521'. [ 304.313755][ T9274] siw: device registration error -23 [ 305.042351][ T9290] siw: device registration error -23 [ 306.289826][ T9331] netlink: 36 bytes leftover after parsing attributes in process `syz.0.526'. [ 306.964894][ T9335] netlink: 8 bytes leftover after parsing attributes in process `syz.2.528'. [ 308.779628][ T9348] siw: device registration error -23 [ 309.329076][ T9354] netlink: 36 bytes leftover after parsing attributes in process `syz.3.532'. [ 310.927900][ T9383] netlink: 36 bytes leftover after parsing attributes in process `syz.1.535'. [ 312.829348][ T9396] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 312.835448][ T9400] netlink: 24 bytes leftover after parsing attributes in process `syz.1.541'. [ 312.836550][ T9396] netlink: 'syz.2.540': attribute type 10 has an invalid length. [ 313.250556][ T9410] netlink: 8 bytes leftover after parsing attributes in process `syz.0.543'. [ 313.614964][ T9416] netlink: 36 bytes leftover after parsing attributes in process `syz.1.544'. [ 314.108490][ T9423] netlink: 8 bytes leftover after parsing attributes in process `syz.2.546'. [ 314.457962][ T9429] netlink: 36 bytes leftover after parsing attributes in process `syz.0.547'. [ 316.711275][ T9444] siw: device registration error -23 [ 316.729738][ T9449] netlink: 24 bytes leftover after parsing attributes in process `syz.1.552'. [ 318.431343][ T9476] siw: device registration error -23 [ 318.622676][ T9493] netlink: 12 bytes leftover after parsing attributes in process `syz.1.557'. [ 319.088408][ T9494] netlink: zone id is out of range [ 319.090126][ T9494] netlink: del zone limit has 8 unknown bytes [ 319.093651][ T9494] netlink: 212368 bytes leftover after parsing attributes in process `syz.2.556'. [ 320.190837][ T9507] Bluetooth: MGMT ver 1.23 [ 320.814017][ T9518] netlink: 36 bytes leftover after parsing attributes in process `syz.1.561'. [ 320.887141][ T9511] siw: device registration error -23 [ 321.218737][ T9527] netlink: 24 bytes leftover after parsing attributes in process `syz.0.563'. [ 321.343210][ T9533] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 321.766673][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 321.768958][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 322.490144][ T9560] netlink: 8 bytes leftover after parsing attributes in process `syz.2.565'. [ 323.437716][ T9574] netlink: 12 bytes leftover after parsing attributes in process `syz.2.569'. [ 324.629954][ T9583] netlink: zone id is out of range [ 324.631905][ T9583] netlink: del zone limit has 8 unknown bytes [ 324.635316][ T9583] netlink: 212368 bytes leftover after parsing attributes in process `syz.0.567'. [ 327.079564][ T9600] siw: device registration error -23 [ 327.260174][ T9605] netlink: 36 bytes leftover after parsing attributes in process `syz.1.574'. [ 327.487763][ T9617] netlink: 36 bytes leftover after parsing attributes in process `syz.2.575'. [ 327.909463][ T9627] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 328.333938][ T9636] netlink: 8 bytes leftover after parsing attributes in process `syz.2.577'. [ 329.716991][ T9655] netlink: 36 bytes leftover after parsing attributes in process `syz.3.579'. [ 330.623123][ T9671] netlink: 36 bytes leftover after parsing attributes in process `syz.3.583'. [ 330.791341][ T9665] siw: device registration error -23 [ 331.508339][ T9691] netlink: 36 bytes leftover after parsing attributes in process `syz.3.585'. [ 331.571195][ T9695] netlink: 36 bytes leftover after parsing attributes in process `syz.2.584'. [ 331.643474][ T9700] netlink: 36 bytes leftover after parsing attributes in process `syz.0.586'. [ 331.649148][ T9701] netlink: 36 bytes leftover after parsing attributes in process `syz.1.587'. [ 332.910658][ T9714] siw: device registration error -23 [ 332.977246][ T9724] netlink: 36 bytes leftover after parsing attributes in process `syz.1.591'. [ 333.664104][ T9733] netlink: 36 bytes leftover after parsing attributes in process `syz.2.592'. [ 335.338334][ T9750] netlink: 24 bytes leftover after parsing attributes in process `syz.1.595'. [ 336.274372][ T9758] siw: device registration error -23 [ 336.446825][ T9773] netlink: 36 bytes leftover after parsing attributes in process `syz.0.598'. [ 336.822358][ T9780] netlink: 36 bytes leftover after parsing attributes in process `syz.1.600'. [ 337.416940][ T9789] netlink: 12 bytes leftover after parsing attributes in process `syz.0.602'. [ 337.866664][ T9798] netlink: 36 bytes leftover after parsing attributes in process `syz.3.603'. [ 338.282380][ T9806] netlink: 36 bytes leftover after parsing attributes in process `syz.2.605'. [ 339.024408][ T9813] netlink: 24 bytes leftover after parsing attributes in process `syz.0.607'. [ 339.514256][ T9821] netlink: 36 bytes leftover after parsing attributes in process `syz.3.606'. [ 340.200975][ T9832] netlink: 36 bytes leftover after parsing attributes in process `syz.1.610'. [ 340.204409][ T9831] netlink: 36 bytes leftover after parsing attributes in process `syz.0.609'. [ 341.555114][ T9836] netlink: 24 bytes leftover after parsing attributes in process `syz.2.611'. [ 342.054320][ T9849] netlink: 36 bytes leftover after parsing attributes in process `syz.0.614'. [ 342.428173][ T9847] netlink: 'syz.1.615': attribute type 10 has an invalid length. [ 342.448662][ T9847] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 346.993861][ T9899] netlink: 'syz.0.624': attribute type 10 has an invalid length. [ 347.456820][ T9905] siw: device registration error -23 [ 349.591161][ T9940] siw: device registration error -23 [ 350.589182][ T9976] netlink: 36 bytes leftover after parsing attributes in process `syz.1.635'. [ 351.423930][ T9988] netlink: 24 bytes leftover after parsing attributes in process `syz.1.638'. [ 351.497052][ T9992] netlink: 36 bytes leftover after parsing attributes in process `syz.0.637'. [ 351.961139][T10000] siw: device registration error -23 [ 352.581387][T10018] netlink: 36 bytes leftover after parsing attributes in process `syz.0.641'. [ 352.966953][T10021] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 353.288363][T10030] netlink: 24 bytes leftover after parsing attributes in process `syz.0.644'. [ 353.679223][T10037] netlink: 36 bytes leftover after parsing attributes in process `syz.3.643'. [ 354.351738][T10045] netlink: 24 bytes leftover after parsing attributes in process `syz.0.647'. [ 354.675968][T10049] netlink: 24 bytes leftover after parsing attributes in process `syz.0.648'. [ 355.266648][T10056] netlink: 36 bytes leftover after parsing attributes in process `syz.3.649'. [ 355.947213][T10061] siw: device registration error -23 [ 356.641990][T10075] netlink: 36 bytes leftover after parsing attributes in process `syz.2.652'. [ 357.426642][T10080] netlink: 24 bytes leftover after parsing attributes in process `syz.2.656'. [ 357.678274][T10086] netlink: 36 bytes leftover after parsing attributes in process `syz.1.655'. [ 358.147141][T10089] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 359.855138][T10103] netlink: 24 bytes leftover after parsing attributes in process `syz.2.660'. [ 361.080148][T10115] netlink: 12 bytes leftover after parsing attributes in process `syz.2.664'. [ 361.672942][T10124] netlink: 36 bytes leftover after parsing attributes in process `syz.3.663'. [ 362.218121][T10127] netlink: 24 bytes leftover after parsing attributes in process `syz.2.666'. [ 362.562789][T10132] siw: device registration error -23 [ 362.827926][T10142] netlink: 36 bytes leftover after parsing attributes in process `syz.3.667'. [ 363.716207][T10163] netlink: 12 bytes leftover after parsing attributes in process `syz.3.670'. [ 364.037354][T10174] netlink: 24 bytes leftover after parsing attributes in process `syz.1.671'. [ 364.973711][T10180] netlink: 24 bytes leftover after parsing attributes in process `syz.1.673'. [ 365.072551][T10182] bond0: (slave wlan1): Releasing backup interface [ 365.078663][T10182] netlink: 'syz.3.672': attribute type 10 has an invalid length. [ 365.084109][T10182] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 365.139364][T10185] netlink: 24 bytes leftover after parsing attributes in process `syz.3.674'. [ 366.525412][T10195] netlink: 12 bytes leftover after parsing attributes in process `syz.1.676'. [ 368.118777][T10206] netlink: zone id is out of range [ 368.120531][T10206] netlink: del zone limit has 8 unknown bytes [ 368.455395][T10208] siw: device registration error -23 [ 368.587144][T10200] siw: device registration error -23 [ 369.084913][T10231] netlink: 36 bytes leftover after parsing attributes in process `syz.1.679'. [ 369.734086][T10245] netlink: 36 bytes leftover after parsing attributes in process `syz.2.683'. [ 369.870657][T10253] netlink: 12 bytes leftover after parsing attributes in process `syz.0.685'. [ 371.858351][T10285] netlink: 36 bytes leftover after parsing attributes in process `syz.0.688'. [ 372.227976][T10292] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 372.245736][T10292] netlink: 'syz.2.690': attribute type 10 has an invalid length. [ 372.472967][T10304] netlink: 36 bytes leftover after parsing attributes in process `syz.1.689'. [ 372.545621][T10305] netlink: 36 bytes leftover after parsing attributes in process `syz.2.692'. [ 372.594438][T10307] netlink: 36 bytes leftover after parsing attributes in process `syz.0.693'. [ 373.278314][T10316] netlink: 12 bytes leftover after parsing attributes in process `syz.0.696'. [ 373.392347][T10319] siw: device registration error -23 [ 373.434882][T10320] netlink: 36 bytes leftover after parsing attributes in process `syz.2.695'. [ 374.656979][T10356] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 374.749658][T10358] netlink: 36 bytes leftover after parsing attributes in process `syz.0.700'. [ 376.507181][T10374] netlink: 12 bytes leftover after parsing attributes in process `syz.3.704'. [ 376.776542][T10383] siw: device registration error -23 [ 379.440183][T10416] netlink: zone id is out of range [ 379.442500][T10416] netlink: del zone limit has 8 unknown bytes [ 379.787210][T10429] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 379.874447][T10429] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 379.877721][T10429] overlayfs: failed to look up (tracing) for ino (-66) [ 379.992609][T10428] netlink: 36 bytes leftover after parsing attributes in process `syz.2.708'. [ 380.288990][T10434] netlink: 36 bytes leftover after parsing attributes in process `syz.1.710'. [ 380.450903][T10436] netlink: 12 bytes leftover after parsing attributes in process `syz.2.711'. [ 381.562777][T10443] netlink: 12 bytes leftover after parsing attributes in process `syz.2.713'. [ 382.103029][T10449] netlink: 36 bytes leftover after parsing attributes in process `syz.1.714'. [ 382.836183][T10457] netlink: 12 bytes leftover after parsing attributes in process `syz.1.716'. [ 383.182603][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 383.184700][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 384.313442][T10471] netlink: 12 bytes leftover after parsing attributes in process `syz.0.719'. [ 386.940304][T10489] netlink: 12 bytes leftover after parsing attributes in process `syz.2.723'. [ 387.841422][T10504] netlink: 36 bytes leftover after parsing attributes in process `syz.1.725'. [ 388.912351][T10513] overlayfs: "xino" feature enabled using 3 upper inode bits. [ 388.963572][T10515] netlink: 36 bytes leftover after parsing attributes in process `syz.2.728'. [ 389.023792][T10513] overlayfs: failed lookup in lower (/, name='tracing', err=-66): unsupported object type [ 389.027335][T10513] overlayfs: failed to look up (tracing) for ino (-66) [ 390.746817][T10533] netlink: 12 bytes leftover after parsing attributes in process `syz.0.732'. [ 394.013060][T10562] netlink: 36 bytes leftover after parsing attributes in process `syz.1.739'. [ 395.072271][T10569] netlink: 12 bytes leftover after parsing attributes in process `syz.1.741'. [ 395.697925][T10578] netlink: 12 bytes leftover after parsing attributes in process `syz.2.743'. [ 396.950832][T10595] siw: device registration error -23 [ 397.109728][T10599] netlink: 36 bytes leftover after parsing attributes in process `syz.1.745'. [ 397.637410][T10617] netlink: 36 bytes leftover after parsing attributes in process `syz.2.746'. [ 397.718351][T10621] netlink: 12 bytes leftover after parsing attributes in process `syz.3.748'. [ 398.411296][T10633] netlink: 12 bytes leftover after parsing attributes in process `syz.2.750'. [ 398.859866][T10639] netlink: 36 bytes leftover after parsing attributes in process `syz.0.751'. [ 399.456698][T10643] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 399.463909][T10643] netlink: 'syz.2.753': attribute type 10 has an invalid length. [ 399.503086][T10648] netlink: 24 bytes leftover after parsing attributes in process `syz.2.754'. [ 399.595986][T10650] siw: device registration error -23 [ 400.899960][T10670] netlink: 12 bytes leftover after parsing attributes in process `syz.1.757'. [ 401.177935][T10681] netlink: 36 bytes leftover after parsing attributes in process `syz.3.758'. [ 401.279840][T10684] siw: device registration error -23 [ 402.263196][T10712] siw: device registration error -23 [ 403.152921][T10752] siw: device registration error -23 [ 404.010452][T10758] netlink: 12 bytes leftover after parsing attributes in process `syz.0.765'. [ 406.383425][T10782] siw: device registration error -23 [ 406.697045][T10789] netlink: 12 bytes leftover after parsing attributes in process `syz.1.769'. [ 406.792779][T10794] netlink: 36 bytes leftover after parsing attributes in process `syz.0.768'. [ 407.365014][T10800] bond0: (slave wlan1): Releasing backup interface [ 407.377757][T10800] netlink: 'syz.3.770': attribute type 10 has an invalid length. [ 407.384931][T10800] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 408.407916][T10834] netlink: 12 bytes leftover after parsing attributes in process `syz.0.775'. [ 408.531741][T10836] siw: device registration error -23 [ 409.546698][T10865] netlink: 36 bytes leftover after parsing attributes in process `syz.1.777'. [ 409.875135][T10876] netlink: 12 bytes leftover after parsing attributes in process `syz.3.780'. [ 410.049178][T10884] netlink: 36 bytes leftover after parsing attributes in process `syz.2.779'. [ 410.547061][T10889] netlink: 36 bytes leftover after parsing attributes in process `syz.1.781'. [ 410.889642][T10879] siw: device registration error -23 [ 410.990503][T10893] netlink: 12 bytes leftover after parsing attributes in process `syz.2.782'. [ 411.506780][T10911] siw: device registration error -23 [ 412.067833][T10926] siw: device registration error -23 [ 412.603723][T10928] netlink: 12 bytes leftover after parsing attributes in process `syz.3.786'. [ 412.799429][T10935] netlink: 12 bytes leftover after parsing attributes in process `syz.0.788'. [ 413.114570][T10943] netlink: 36 bytes leftover after parsing attributes in process `syz.2.789'. [ 414.598674][T10951] netlink: zone id is out of range [ 414.600435][T10951] netlink: del zone limit has 8 unknown bytes [ 417.669132][T10975] siw: device registration error -23 [ 419.223857][T10988] siw: device registration error -23 [ 419.801312][T11008] siw: device registration error -23 [ 420.138624][T11013] netlink: 12 bytes leftover after parsing attributes in process `syz.3.803'. [ 421.714259][T11025] siw: device registration error -23 [ 422.860163][T11044] siw: device registration error -23 [ 426.491451][T11088] netlink: 12 bytes leftover after parsing attributes in process `syz.3.814'. [ 426.956625][T11093] bond0: (slave wlan1): Releasing backup interface [ 426.963285][T11093] netlink: 'syz.1.815': attribute type 10 has an invalid length. [ 426.973895][T11093] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 427.570788][T11100] siw: device registration error -23 [ 429.778520][T11128] siw: device registration error -23 [ 430.298345][T11140] netlink: 12 bytes leftover after parsing attributes in process `syz.2.821'. [ 431.231040][T11161] netlink: 36 bytes leftover after parsing attributes in process `syz.1.824'. [ 433.132987][T11185] siw: device registration error -23 [ 433.524081][T11184] siw: device registration error -23 [ 433.557081][T11180] debugfs: 'ptm0' already exists in 'caif_serial' [ 433.699005][T11192] netlink: 12 bytes leftover after parsing attributes in process `syz.0.832'. [ 434.767707][T11207] bond0: (slave wlan1): Releasing backup interface [ 434.805304][T11207] netlink: 'syz.1.833': attribute type 10 has an invalid length. [ 434.826024][T11207] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 437.388617][T11239] siw: device registration error -23 [ 437.938097][T11237] debugfs: 'ptm0' already exists in 'caif_serial' [ 438.094062][T11260] netlink: 36 bytes leftover after parsing attributes in process `syz.1.841'. [ 440.258151][T11282] siw: device registration error -23 [ 441.016115][T11289] siw: device registration error -23 [ 441.036068][T11290] netlink: 12 bytes leftover after parsing attributes in process `syz.0.848'. [ 441.701368][T11309] netlink: zone id is out of range [ 441.703139][T11309] netlink: del zone limit has 8 unknown bytes [ 443.143654][T11331] bond0: (slave wlan1): Releasing backup interface [ 443.155192][T11331] netlink: 'syz.1.853': attribute type 10 has an invalid length. [ 443.159302][T11331] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 443.766729][T11342] siw: device registration error -23 [ 443.974144][T11343] siw: device registration error -23 [ 444.583585][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 444.586010][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 446.800382][T11381] netlink: 12 bytes leftover after parsing attributes in process `syz.0.862'. [ 447.323094][T11390] netlink: zone id is out of range [ 447.324820][T11390] netlink: del zone limit has 8 unknown bytes [ 448.838557][T11396] siw: device registration error -23 [ 450.344287][T11426] siw: device registration error -23 [ 451.055561][T11435] siw: device registration error -23 [ 451.614178][T11449] siw: device registration error -23 [ 452.568500][T11469] netlink: zone id is out of range [ 452.570228][T11469] netlink: del zone limit has 8 unknown bytes [ 452.778521][T11472] siw: device registration error -23 [ 454.062598][T11494] siw: device registration error -23 [ 454.163459][T11495] siw: device registration error -23 [ 454.898887][T11519] netlink: 36 bytes leftover after parsing attributes in process `syz.1.876'. [ 455.043991][T11524] siw: device registration error -23 [ 456.057401][T11550] netlink: 36 bytes leftover after parsing attributes in process `syz.1.880'. [ 456.370633][T11561] netlink: 36 bytes leftover after parsing attributes in process `syz.0.883'. [ 457.528288][T11590] siw: device registration error -23 [ 458.130237][T11604] siw: device registration error -23 [ 458.136713][T11605] siw: device registration error -23 [ 458.914515][T11628] netlink: 36 bytes leftover after parsing attributes in process `syz.1.890'. [ 459.068792][T11636] netlink: 36 bytes leftover after parsing attributes in process `syz.2.891'. [ 459.852099][T11649] netlink: 12 bytes leftover after parsing attributes in process `syz.1.894'. [ 460.073600][T11656] netlink: 36 bytes leftover after parsing attributes in process `syz.0.895'. [ 460.588443][T11665] netlink: 36 bytes leftover after parsing attributes in process `syz.3.897'. [ 461.054181][T11670] A link change request failed with some changes committed already. Interface hsr_slave_0 may have been left with an inconsistent configuration, please check. [ 461.062167][T11670] netlink: 'syz.2.898': attribute type 10 has an invalid length. [ 461.588442][T11680] siw: device registration error -23 [ 462.662438][T11696] siw: device registration error -23 [ 463.170257][T11702] netlink: 12 bytes leftover after parsing attributes in process `syz.2.903'. [ 463.564810][T11717] siw: device registration error -23 [ 464.384714][T11726] siw: device registration error -23 [ 464.862332][T11741] netlink: 36 bytes leftover after parsing attributes in process `syz.1.908'. [ 464.958192][T11744] netlink: 36 bytes leftover after parsing attributes in process `syz.0.909'. [ 466.221897][T11763] siw: device registration error -23 [ 466.892413][T11771] netlink: 12 bytes leftover after parsing attributes in process `syz.1.914'. [ 468.221256][T11788] siw: device registration error -23 [ 468.840090][T11810] netlink: 12 bytes leftover after parsing attributes in process `syz.2.918'. [ 468.906960][T11813] siw: device registration error -23 [ 469.384895][T11821] bond0: (slave wlan1): Releasing backup interface [ 469.392311][T11821] netlink: 'syz.1.920': attribute type 10 has an invalid length. [ 469.396226][T11821] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 469.895863][T11840] netlink: 24 bytes leftover after parsing attributes in process `syz.3.923'. [ 470.085328][T11843] netlink: 36 bytes leftover after parsing attributes in process `syz.1.922'. [ 470.819988][T11850] netlink: 24 bytes leftover after parsing attributes in process `syz.3.925'. [ 472.826352][T11883] netlink: zone id is out of range [ 472.828176][T11883] netlink: del zone limit has 8 unknown bytes [ 473.535549][T11890] siw: device registration error -23 [ 473.884527][T11892] netlink: 12 bytes leftover after parsing attributes in process `syz.0.932'. [ 474.616373][T11902] bond0: (slave wlan1): Releasing backup interface [ 474.667857][T11902] netlink: 'syz.1.935': attribute type 10 has an invalid length. [ 474.675077][T11902] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 474.873277][T11914] siw: device registration error -23 [ 475.646583][T11935] netlink: 36 bytes leftover after parsing attributes in process `syz.1.938'. [ 477.056181][T11985] netlink: 36 bytes leftover after parsing attributes in process `syz.1.941'. [ 477.280573][T11978] netlink: zone id is out of range [ 477.282375][T11978] netlink: del zone limit has 8 unknown bytes [ 477.791338][T11991] siw: device registration error -23 [ 478.176862][T12001] netlink: 12 bytes leftover after parsing attributes in process `syz.3.944'. [ 478.442197][T12012] bond0: (slave wlan1): Releasing backup interface [ 478.464434][T12012] netlink: 'syz.0.946': attribute type 10 has an invalid length. [ 478.469760][T12012] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 478.855548][T12027] siw: device registration error -23 [ 480.463096][T12033] siw: device registration error -23 [ 482.140158][T12049] siw: device registration error -23 [ 483.181818][T12059] netlink: zone id is out of range [ 483.184211][T12059] netlink: del zone limit has 8 unknown bytes [ 486.294244][T12081] netlink: 12 bytes leftover after parsing attributes in process `syz.3.957'. [ 486.950096][T12088] siw: device registration error -23 [ 487.572578][T12108] siw: device registration error -23 [ 487.769448][T12114] netlink: 36 bytes leftover after parsing attributes in process `syz.2.960'. [ 488.589780][T12134] netlink: 12 bytes leftover after parsing attributes in process `syz.2.962'. [ 490.563780][T12145] netlink: 36 bytes leftover after parsing attributes in process `syz.0.963'. [ 491.119474][T12150] siw: device registration error -23 [ 491.568049][T12160] bond0: (slave wlan1): Releasing backup interface [ 491.703025][T12156] netlink: 'syz.1.966': attribute type 10 has an invalid length. [ 491.708597][T12156] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 491.846469][T12177] netlink: 36 bytes leftover after parsing attributes in process `syz.3.968'. [ 491.988500][T12179] siw: device registration error -23 [ 492.086782][T12181] siw: device registration error -23 [ 492.611754][T12180] debugfs: 'ptm1' already exists in 'caif_serial' [ 493.090554][T12197] netlink: 'syz.3.973': attribute type 10 has an invalid length. [ 493.458116][T12187] siw: device registration error -23 [ 493.567115][T12196] bond0: (slave wlan1): Releasing backup interface [ 493.572911][T12197] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 494.500114][T12228] siw: device registration error -23 [ 494.859058][T12244] netlink: 12 bytes leftover after parsing attributes in process `syz.2.979'. [ 495.108007][T12250] siw: device registration error -23 [ 496.303111][T12273] netlink: 36 bytes leftover after parsing attributes in process `syz.3.983'. [ 499.700517][T12293] siw: device registration error -23 [ 500.228658][T12311] netlink: 12 bytes leftover after parsing attributes in process `syz.3.990'. [ 500.520421][T12325] siw: device registration error -23 [ 500.925322][T12338] bond0: (slave wlan1): Releasing backup interface [ 500.941057][T12338] netlink: 'syz.1.991': attribute type 10 has an invalid length. [ 500.945141][T12338] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 501.206510][T12347] bond0: (slave wlan1): Releasing backup interface [ 501.211469][T12347] netlink: 'syz.1.993': attribute type 10 has an invalid length. [ 501.219517][T12347] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 501.242934][T12353] netlink: 12 bytes leftover after parsing attributes in process `syz.2.994'. [ 501.376238][T12365] netlink: 12 bytes leftover after parsing attributes in process `syz.0.996'. [ 503.004796][T12390] siw: device registration error -23 [ 503.166828][T12392] siw: device registration error -23 [ 503.544941][T12400] siw: device registration error -23 [ 503.741894][T12402] siw: device registration error -23 [ 504.004989][T12410] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1003'. [ 505.105052][T12446] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1006'. [ 506.023580][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 506.025700][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 506.640818][T12464] siw: device registration error -23 [ 507.587861][T12469] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1011'. [ 507.594587][T12483] siw: device registration error -23 [ 510.064787][T12503] siw: device registration error -23 [ 510.873730][T12521] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1019'. [ 511.585339][T12532] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1022'. [ 511.596584][T12533] siw: device registration error -23 [ 511.957355][T12534] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1020'. [ 512.685066][T12563] siw: device registration error -23 [ 513.217791][T12568] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1027'. [ 513.503391][T12576] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1028'. [ 514.012746][T12583] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1029'. [ 514.348866][T12588] siw: device registration error -23 [ 514.534161][T12587] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1031'. [ 515.093147][T12610] siw: device registration error -23 [ 515.800268][T12628] siw: device registration error -23 [ 515.891709][T12638] siw: device registration error -23 [ 516.302787][T12643] siw: device registration error -23 [ 516.318728][T12643] debugfs: 'ptm0' already exists in 'caif_serial' [ 516.702619][T12660] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1038'. [ 517.245696][T12680] siw: device registration error -23 [ 518.212972][T12701] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1044'. [ 520.245266][T12711] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1046'. [ 520.651998][T12723] siw: device registration error -23 [ 520.655780][T12724] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1047'. [ 521.244033][T12736] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1048'. [ 521.693323][T12747] siw: device registration error -23 [ 522.105691][T12761] netlink: 12 bytes leftover after parsing attributes in process `syz.2.1052'. [ 522.232080][T12770] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1050'. [ 523.236627][T12796] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1053'. [ 523.956870][T12800] netlink: 24 bytes leftover after parsing attributes in process `syz.1.1054'. [ 525.756549][T12816] siw: device registration error -23 [ 528.104826][T12847] siw: device registration error -23 [ 529.461934][T12865] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1063'. [ 529.531162][T12868] siw: device registration error -23 [ 529.762918][T12867] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1064'. [ 533.351549][T12915] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1069'. [ 534.041186][T12921] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1070'. [ 534.266519][T12926] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1071'. [ 534.586276][T12930] siw: device registration error -23 [ 535.101734][T12938] netlink: 12 bytes leftover after parsing attributes in process `syz.1.1075'. [ 535.189577][T12946] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1073'. [ 535.228067][T12945] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1074'. [ 538.640788][T12970] siw: device registration error -23 [ 539.186629][T12988] siw: device registration error -23 [ 543.236393][T13047] siw: device registration error -23 [ 543.376301][T13045] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1089'. [ 544.404844][T13056] siw: device registration error -23 [ 544.488140][T13052] debugfs: 'ptm0' already exists in 'caif_serial' [ 544.724830][T13082] netlink: 'syz.3.1093': attribute type 10 has an invalid length. [ 544.814274][T13078] bond0: (slave wlan1): Releasing backup interface [ 544.822564][T13082] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 545.017972][T13083] siw: device registration error -23 [ 545.058189][T13099] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1095'. [ 545.139797][T13104] siw: device registration error -23 [ 545.209889][T13104] debugfs: 'ptm1' already exists in 'caif_serial' [ 546.478828][T13125] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1100'. [ 547.255714][T13136] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1101'. [ 547.497346][T13141] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1103'. [ 547.938084][T13146] netlink: 12 bytes leftover after parsing attributes in process `syz.0.1104'. [ 548.813091][T13149] netlink: 12 bytes leftover after parsing attributes in process `syz.3.1105'. [ 549.300504][T13162] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1107'. [ 549.368783][T13160] siw: device registration error -23 [ 549.402692][T13163] siw: device registration error -23 [ 550.241151][T13187] siw: device registration error -23 [ 550.332346][T13191] netlink: 36 bytes leftover after parsing attributes in process `syz.1.1112'. [ 551.810672][T13200] siw: device registration error -23 [ 552.702973][T13228] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1116'. [ 553.366554][T13235] bond0: (slave wlan1): Releasing backup interface [ 553.374086][T13235] netlink: 'syz.0.1120': attribute type 10 has an invalid length. [ 553.378951][T13235] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 555.322063][T13269] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1125'. [ 555.397222][T13272] netlink: 8 bytes leftover after parsing attributes in process `syz.3.1126'. [ 556.282154][T13283] siw: device registration error -23 [ 556.845410][T13281] siw: device registration error -23 [ 556.938256][T13276] debugfs: 'ptm0' already exists in 'caif_serial' [ 557.352197][T13304] netlink: 36 bytes leftover after parsing attributes in process `syz.3.1131'. [ 557.352648][T13303] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1132'. [ 558.660191][T13323] siw: device registration error -23 [ 560.290757][T13353] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1137'. [ 560.301860][T13351] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1138'. [ 561.302778][T13370] netlink: 36 bytes leftover after parsing attributes in process `syz.0.1140'. [ 561.315642][T13373] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1139'. [ 562.181379][T13379] netlink: 8 bytes leftover after parsing attributes in process `syz.0.1142'. [ 563.333574][T13397] netlink: 36 bytes leftover after parsing attributes in process `syz.2.1146'. [ 565.992111][T13403] siw: device registration error -23 [ 566.205789][T13402] debugfs: 'ptm0' already exists in 'caif_serial' [ 566.635938][T13445] siw: device registration error -23 [ 566.952473][T13448] siw: device registration error -23 [ 567.240684][T13436] debugfs: 'ptm1' already exists in 'caif_serial' [ 567.475695][ T1415] ieee802154 phy0 wpan0: encryption failed: -22 [ 567.478020][ T1415] ieee802154 phy1 wpan1: encryption failed: -22 [ 567.480983][ T1415] ================================================================== [ 567.484012][ T1415] BUG: KASAN: slab-use-after-free in tty_write_room+0x7d/0x90 [ 567.486988][ T1415] Read of size 8 at addr ffff88804bc8f020 by task aoe_tx0/1415 [ 567.491073][ T1415] [ 567.491881][ T1415] CPU: 3 UID: 0 PID: 1415 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT(full) [ 567.491895][ T1415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 567.491902][ T1415] Call Trace: [ 567.491908][ T1415] [ 567.491913][ T1415] dump_stack_lvl+0x116/0x1f0 [ 567.491933][ T1415] print_report+0xcd/0x630 [ 567.491949][ T1415] ? __virt_addr_valid+0x81/0x610 [ 567.491966][ T1415] ? __phys_addr+0xe8/0x180 [ 567.491982][ T1415] ? tty_write_room+0x7d/0x90 [ 567.491993][ T1415] kasan_report+0xe0/0x110 [ 567.492009][ T1415] ? tty_write_room+0x7d/0x90 [ 567.492021][ T1415] tty_write_room+0x7d/0x90 [ 567.492032][ T1415] handle_tx+0x14f/0x630 [ 567.492043][ T1415] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 567.492060][ T1415] dev_hard_start_xmit+0x97/0x6e0 [ 567.492073][ T1415] __dev_queue_xmit+0x6d7/0x4650 [ 567.492086][ T1415] ? rcu_is_watching+0x12/0xc0 [ 567.492101][ T1415] ? finish_task_switch.isra.0+0x207/0xbd0 [ 567.492117][ T1415] ? __pfx___dev_queue_xmit+0x10/0x10 [ 567.492129][ T1415] ? __lock_acquire+0x436/0x2890 [ 567.492140][ T1415] ? ref_tracker_free+0x37c/0x830 [ 567.492153][ T1415] ? do_raw_spin_lock+0x12c/0x2b0 [ 567.492166][ T1415] ? find_held_lock+0x2b/0x80 [ 567.492179][ T1415] ? skb_dequeue+0x126/0x180 [ 567.492197][ T1415] ? find_held_lock+0x2b/0x80 [ 567.492211][ T1415] ? rcu_is_watching+0x12/0xc0 [ 567.492226][ T1415] tx+0xcc/0x190 [ 567.492236][ T1415] ? __pfx_tx+0x10/0x10 [ 567.492244][ T1415] kthread+0x1e4/0x3e0 [ 567.492258][ T1415] ? find_held_lock+0x2b/0x80 [ 567.492271][ T1415] ? __pfx_kthread+0x10/0x10 [ 567.492286][ T1415] ? __pfx_default_wake_function+0x10/0x10 [ 567.492300][ T1415] ? lockdep_hardirqs_on+0x7c/0x110 [ 567.492316][ T1415] ? __kthread_parkme+0x19e/0x250 [ 567.492332][ T1415] ? __pfx_kthread+0x10/0x10 [ 567.492346][ T1415] kthread+0x3c5/0x780 [ 567.492356][ T1415] ? __pfx_kthread+0x10/0x10 [ 567.492367][ T1415] ? rcu_is_watching+0x12/0xc0 [ 567.492381][ T1415] ? __pfx_kthread+0x10/0x10 [ 567.492391][ T1415] ret_from_fork+0x983/0xb10 [ 567.492402][ T1415] ? __pfx_ret_from_fork+0x10/0x10 [ 567.492413][ T1415] ? __switch_to+0x7af/0x10d0 [ 567.492427][ T1415] ? __pfx_kthread+0x10/0x10 [ 567.492437][ T1415] ret_from_fork_asm+0x1a/0x30 [ 567.492456][ T1415] [ 567.492460][ T1415] [ 567.564192][ T1415] Allocated by task 13436: [ 567.565616][ T1415] kasan_save_stack+0x33/0x60 [ 567.567108][ T1415] kasan_save_track+0x14/0x30 [ 567.568571][ T1415] __kasan_kmalloc+0xaa/0xb0 [ 567.570057][ T1415] alloc_tty_struct+0x96/0x8c0 [ 567.571575][ T1415] tty_init_dev.part.0+0x1e/0x500 [ 567.573176][ T1415] tty_init_dev+0x60/0x80 [ 567.574562][ T1415] ptmx_open+0x15e/0x3c0 [ 567.575930][ T1415] chrdev_open+0x234/0x6a0 [ 567.577341][ T1415] do_dentry_open+0x748/0x1590 [ 567.578870][ T1415] vfs_open+0x82/0x3f0 [ 567.580160][ T1415] path_openat+0x2078/0x3140 [ 567.581648][ T1415] do_filp_open+0x20b/0x470 [ 567.583100][ T1415] do_sys_openat2+0x121/0x290 [ 567.584809][ T1415] __ia32_compat_sys_openat+0x16d/0x210 [ 567.587129][ T1415] __do_fast_syscall_32+0xe8/0x680 [ 567.588765][ T1415] do_fast_syscall_32+0x32/0x80 [ 567.590320][ T1415] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 567.592298][ T1415] [ 567.593065][ T1415] Freed by task 29: [ 567.594289][ T1415] kasan_save_stack+0x33/0x60 [ 567.595773][ T1415] kasan_save_track+0x14/0x30 [ 567.597260][ T1415] kasan_save_free_info+0x3b/0x60 [ 567.598898][ T1415] __kasan_slab_free+0x5f/0x80 [ 567.600436][ T1415] kfree+0x2f8/0x6e0 [ 567.601669][ T1415] process_one_work+0x9ba/0x1b20 [ 567.603190][ T1415] worker_thread+0x6c8/0xf10 [ 567.604664][ T1415] kthread+0x3c5/0x780 [ 567.606103][ T1415] ret_from_fork+0x983/0xb10 [ 567.607582][ T1415] ret_from_fork_asm+0x1a/0x30 [ 567.609129][ T1415] [ 567.609952][ T1415] Last potentially related work creation: [ 567.611775][ T1415] kasan_save_stack+0x33/0x60 [ 567.613371][ T1415] kasan_record_aux_stack+0xa7/0xc0 [ 567.615126][ T1415] insert_work+0x36/0x230 [ 567.616509][ T1415] __queue_work+0x94f/0x10e0 [ 567.618017][ T1415] queue_work_on+0x1a4/0x1f0 [ 567.619488][ T1415] release_tty+0x4de/0x5d0 [ 567.620934][ T1415] tty_release_struct+0xb7/0xe0 [ 567.622608][ T1415] tty_release+0xe2d/0x1470 [ 567.624096][ T1415] __fput+0x402/0xb70 [ 567.625593][ T1415] task_work_run+0x150/0x240 [ 567.627468][ T1415] do_exit+0x87f/0x2bd0 [ 567.629172][ T1415] do_group_exit+0xd3/0x2a0 [ 567.631051][ T1415] get_signal+0x2671/0x26d0 [ 567.632925][ T1415] arch_do_signal_or_restart+0x8f/0x7a0 [ 567.635168][ T1415] exit_to_user_mode_loop+0x8c/0x540 [ 567.637312][ T1415] __do_fast_syscall_32+0x4a4/0x680 [ 567.639431][ T1415] do_fast_syscall_32+0x32/0x80 [ 567.641416][ T1415] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 567.643975][ T1415] [ 567.644968][ T1415] The buggy address belongs to the object at ffff88804bc8f000 [ 567.644968][ T1415] which belongs to the cache kmalloc-cg-2k of size 2048 [ 567.650590][ T1415] The buggy address is located 32 bytes inside of [ 567.650590][ T1415] freed 2048-byte region [ffff88804bc8f000, ffff88804bc8f800) [ 567.655445][ T1415] [ 567.656258][ T1415] The buggy address belongs to the physical page: [ 567.658296][ T1415] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x4bc88 [ 567.661045][ T1415] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 567.663734][ T1415] memcg:ffff88804c48a101 [ 567.665099][ T1415] flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 567.667502][ T1415] page_type: f5(slab) [ 567.668807][ T1415] raw: 04fff00000000040 ffff88801b44c140 dead000000000100 dead000000000122 [ 567.671509][ T1415] raw: 0000000000000000 0000000000080008 00000000f5000000 ffff88804c48a101 [ 567.674280][ T1415] head: 04fff00000000040 ffff88801b44c140 dead000000000100 dead000000000122 [ 567.677171][ T1415] head: 0000000000000000 0000000000080008 00000000f5000000 ffff88804c48a101 [ 567.680198][ T1415] head: 04fff00000000003 ffffea00012f2201 00000000ffffffff 00000000ffffffff [ 567.682973][ T1415] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 567.685770][ T1415] page dumped because: kasan: bad access detected [ 567.687820][ T1415] page_owner tracks the page as allocated [ 567.689633][ T1415] page last allocated via order 3, migratetype Unmovable, gfp_mask 0x1d20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC|__GFP_HARDWALL), pid 9813, tgid 9812 (syz.0.607), ts 339239379912, free_ts 338990471911 [ 567.696835][ T1415] post_alloc_hook+0x1af/0x220 [ 567.698415][ T1415] get_page_from_freelist+0xd0b/0x31a0 [ 567.700182][ T1415] __alloc_frozen_pages_noprof+0x25f/0x2430 [ 567.702106][ T1415] alloc_pages_mpol+0x1fb/0x550 [ 567.703726][ T1415] new_slab+0x2c3/0x430 [ 567.705159][ T1415] ___slab_alloc+0xe18/0x1c90 [ 567.706705][ T1415] __slab_alloc.constprop.0+0x63/0x110 [ 567.708430][ T1415] __kmalloc_cache_noprof+0x485/0x800 [ 567.710188][ T1415] bpf_prog_alloc_no_stats+0x118/0x600 [ 567.711935][ T1415] bpf_prog_alloc+0x3b/0x230 [ 567.713482][ T1415] bpf_prog_load+0x19bc/0x2cc0 [ 567.715086][ T1415] __sys_bpf+0x3e72/0x4980 [ 567.716543][ T1415] __ia32_sys_bpf+0x76/0xe0 [ 567.718025][ T1415] __do_fast_syscall_32+0xe8/0x680 [ 567.719668][ T1415] do_fast_syscall_32+0x32/0x80 [ 567.721229][ T1415] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 567.723288][ T1415] page last free pid 5855 tgid 5855 stack trace: [ 567.725401][ T1415] __free_frozen_pages+0x7df/0x1170 [ 567.727117][ T1415] __folio_put+0x329/0x450 [ 567.728545][ T1415] skb_release_data+0x81a/0x9e0 [ 567.730162][ T1415] skb_attempt_defer_free+0x52f/0x710 [ 567.731884][ T1415] tcp_recvmsg_locked+0x11e3/0x2910 [ 567.733583][ T1415] tcp_recvmsg+0x12f/0x680 [ 567.735067][ T1415] inet_recvmsg+0x129/0x6a0 [ 567.736631][ T1415] sock_recvmsg+0x1b2/0x250 [ 567.738158][ T1415] sock_read_iter+0x2b9/0x3b0 [ 567.739679][ T1415] vfs_read+0xa98/0xcf0 [ 567.741031][ T1415] ksys_read+0x1f8/0x250 [ 567.742431][ T1415] do_syscall_64+0xcd/0xf80 [ 567.743860][ T1415] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 567.745713][ T1415] [ 567.746485][ T1415] Memory state around the buggy address: [ 567.748236][ T1415] ffff88804bc8ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 567.750754][ T1415] ffff88804bc8ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 567.753241][ T1415] >ffff88804bc8f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 567.755758][ T1415] ^ [ 567.757381][ T1415] ffff88804bc8f080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 567.759878][ T1415] ffff88804bc8f100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 567.762379][ T1415] ================================================================== [ 567.765029][ T1415] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 567.767292][ T1415] CPU: 3 UID: 0 PID: 1415 Comm: aoe_tx0 Not tainted syzkaller #0 PREEMPT(full) [ 567.770099][ T1415] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 567.773430][ T1415] Call Trace: [ 567.774507][ T1415] [ 567.775448][ T1415] dump_stack_lvl+0x3d/0x1f0 [ 567.776920][ T1415] vpanic+0x640/0x6f0 [ 567.778199][ T1415] panic+0xca/0xd0 [ 567.779389][ T1415] ? __pfx_panic+0x10/0x10 [ 567.780816][ T1415] ? check_panic_on_warn+0x1f/0xb0 [ 567.782433][ T1415] check_panic_on_warn+0xab/0xb0 [ 567.783999][ T1415] end_report+0x107/0x160 [ 567.785372][ T1415] kasan_report+0xee/0x110 [ 567.786825][ T1415] ? tty_write_room+0x7d/0x90 [ 567.788314][ T1415] tty_write_room+0x7d/0x90 [ 567.789769][ T1415] handle_tx+0x14f/0x630 [ 567.791144][ T1415] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 567.792976][ T1415] dev_hard_start_xmit+0x97/0x6e0 [ 567.794571][ T1415] __dev_queue_xmit+0x6d7/0x4650 [ 567.796157][ T1415] ? rcu_is_watching+0x12/0xc0 [ 567.797681][ T1415] ? finish_task_switch.isra.0+0x207/0xbd0 [ 567.799490][ T1415] ? __pfx___dev_queue_xmit+0x10/0x10 [ 567.801189][ T1415] ? __lock_acquire+0x436/0x2890 [ 567.802770][ T1415] ? ref_tracker_free+0x37c/0x830 [ 567.804360][ T1415] ? do_raw_spin_lock+0x12c/0x2b0 [ 567.805973][ T1415] ? find_held_lock+0x2b/0x80 [ 567.807461][ T1415] ? skb_dequeue+0x126/0x180 [ 567.808932][ T1415] ? find_held_lock+0x2b/0x80 [ 567.810451][ T1415] ? rcu_is_watching+0x12/0xc0 [ 567.811967][ T1415] tx+0xcc/0x190 [ 567.813109][ T1415] ? __pfx_tx+0x10/0x10 [ 567.814399][ T1415] kthread+0x1e4/0x3e0 [ 567.815672][ T1415] ? find_held_lock+0x2b/0x80 [ 567.817135][ T1415] ? __pfx_kthread+0x10/0x10 [ 567.818614][ T1415] ? __pfx_default_wake_function+0x10/0x10 [ 567.820462][ T1415] ? lockdep_hardirqs_on+0x7c/0x110 [ 567.822112][ T1415] ? __kthread_parkme+0x19e/0x250 [ 567.823705][ T1415] ? __pfx_kthread+0x10/0x10 [ 567.825170][ T1415] kthread+0x3c5/0x780 [ 567.826484][ T1415] ? __pfx_kthread+0x10/0x10 [ 567.827952][ T1415] ? rcu_is_watching+0x12/0xc0 [ 567.829497][ T1415] ? __pfx_kthread+0x10/0x10 [ 567.830940][ T1415] ret_from_fork+0x983/0xb10 [ 567.832402][ T1415] ? __pfx_ret_from_fork+0x10/0x10 [ 567.834025][ T1415] ? __switch_to+0x7af/0x10d0 [ 567.835514][ T1415] ? __pfx_kthread+0x10/0x10 [ 567.837001][ T1415] ret_from_fork_asm+0x1a/0x30 [ 567.838536][ T1415] [ 567.840183][ T1415] Kernel Offset: disabled [ 567.841578][ T1415] Rebooting in 86400 seconds.. VM DIAGNOSIS: 18:34:20 Registers: info registers vcpu 0 CPU#0 EAX=f70814b8 EBX=ffffffff ECX=ffffffff EDX=8b731409 ESI=8b731409 EDI=ffffffff EBP=f7081460 ESP=ff9280b0 EIP=f7117ee8 EFL=00000246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA] SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 00000000 ffffffff 00c00000 GS =0063 57746440 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 00000000 ffffffff 00c00000 TR =0040 00003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000000c2ca2d8 CR3=00000000577fe000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000002a8aafd RBX=0000000000000001 RCX=ffffffff8b7576d9 RDX=0000000000000000 RSI=ffffffff8daca937 RDI=ffffffff8bf2b580 RBP=ffffed1003ad9498 RSP=ffffc9000046fde8 R8 =0000000000000001 R9 =ffffed100566673d R10=ffff88802b3339eb R11=ffff88801d6caff0 R12=0000000000000001 R13=ffff88801d6ca4c0 R14=ffffffff9088e8d0 R15=0000000000000000 RIP=ffffffff8b755dcf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880977fc000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000306e0ffc CR3=000000000e184000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7dd5b42bcefa25a4 b706cec57f62f8a1 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 56b41645863e010a 735b8a14de18ed2d ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b78b29833a575892 2c2dad2202b6cd6b ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 44020d879ff72281 c05d37d9658509b1 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000005c40 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 016ba99abb03dedc 0000015800000158 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ba73d438bb321aca bcdf262abc91ddaa ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0208a43900000000 0000015800000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000015800000158 bc319efa00000158 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 dc87fe1376d1aad8 0d2bb08758f025ac ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6564f9f4200b97a9 99de80a314ff9984 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=00000000ff954290 RCX=ffffffff911ae718 RDX=1ffff9200079eefd RSI=0000000000000006 RDI=ffffc90003cf77e8 RBP=0000000000000001 RSP=ffffc90003cf7760 R8 =ffffffff911ae71c R9 =00000000ffffffff R10=0000000000000002 R11=000000000000001e R12=ffffc90003cf7828 R13=ffffc90003cf77d8 R14=ffffc90003cf7f48 R15=0000000000000001 RIP=ffffffff8b756786 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880978fc000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007fdddca74000 CR3=000000005c996000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff85300f60 RDI=ffffffff9aed9260 RBP=ffffffff9aed9220 RSP=ffffc90007d4f320 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000060 R14=fffffbfff35db29e R15=dffffc0000000000 RIP=ffffffff85300f87 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880979fc000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f742f230 CR3=000000006d5e4000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000 0000000100000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000004800000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000