last executing test programs: 6.375943077s ago: executing program 1 (id=60): sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) connect$inet6(0xffffffffffffffff, 0x0, 0x0) socket(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x7, 0x8008, 0xc, 0x3, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bind$bt_hci(r1, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) write(r1, &(0x7f0000000040)="05000000010000", 0x7) write$bt_hci(0xffffffffffffffff, &(0x7f00000005c0)=ANY=[@ANYBLOB="0e00000002"], 0x8) syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000c80)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRESOCT], 0xffffffffffffffee) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000180)={0x4, 0xffff1000, 0x8, r4}) close_range(r3, r4, 0x0) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0403"], 0x14) socket$can_bcm(0x1d, 0x2, 0x2) socket$unix(0x1, 0x5, 0x0) r5 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000002018110000", @ANYRES32=r5, @ANYBLOB], &(0x7f0000000200)='syzkaller\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90324fc60100005000a000248053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) 5.638650556s ago: executing program 1 (id=66): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x80000100008b}, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) io_setup(0x5, &(0x7f00000003c0)=0x0) io_submit(r2, 0x1, &(0x7f0000000080)=[&(0x7f0000000400)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) connect$unix(r1, &(0x7f0000000100)=@file={0x0, './file0\x00'}, 0x6e) r3 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)) r5 = socket$kcm(0x11, 0x3, 0x0) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000002c80)={0x3, 0x5, &(0x7f0000000340)=ANY=[@ANYBLOB="180200000000e1ff00000000000000008500000027000000850000002300000095"], &(0x7f0000000080)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000000)={r6, 0x0, 0xe, 0x0, &(0x7f00000000c0)="ff07000000000000ab5becdc7da9", 0x0, 0x100, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) socket$packet(0x11, 0x3, 0x300) setsockopt$sock_attach_bpf(r5, 0x107, 0xf, &(0x7f0000000000), 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f00000012c0)=ANY=[@ANYRES8=0x0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xf, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r7 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000001000000850000000e000000850000002a00000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r7}, 0x10) gettid() r8 = getpid() process_vm_readv(r8, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r4, 0xae80, 0x0) 5.193490493s ago: executing program 1 (id=68): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x5, 0x0, 0x2, 0x9, 0x0, 0x0, 0x25dfdbff, [@sadb_sa={0x2, 0x1, 0x0, 0x0, 0x10, 0xfb}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x4e22, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}, 0xfffff4c8}}]}, 0x48}, 0x1, 0x7}, 0x40000) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}, {0x2}, {}, {}, {0x0, 0x1000}, {0xff7ffffc, 0x3ff}, {0x400020, 0x7ffffffe}], 0x0, 0x4, 0x0, 0x2}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) r2 = openat$nmem0(0xffffff9c, &(0x7f0000000040), 0x101040, 0x0) getsockopt$XDP_STATISTICS(r2, 0x11b, 0x7, 0x0, &(0x7f00000000c0)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) eventfd(0x80001ff) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r2, 0x800442d4, &(0x7f0000000080)=0x3) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000180)=ANY=[]) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) socket$nl_route(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r4, 0x8933, &(0x7f0000000180)={'bond0\x00'}) timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004}, &(0x7f0000000200)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) r5 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2) splice(r5, &(0x7f00000000c0)=0xffffffff, r0, &(0x7f0000000140)=0x3, 0x4, 0x9) 5.19268021s ago: executing program 0 (id=69): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[@ANYBLOB="170000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000200)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0xd, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r1}, 0x10) r2 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000000c0)=ANY=[@ANYBLOB="3c0000002a4a2feded10000104000065d7000000", @ANYRES32=0x0, @ANYBLOB="7bbf010000000000140012800b00010062726964676500000400028008000400c6040000"], 0x3c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000007c0)=ANY=[@ANYBLOB="980300003d00090000000000000000000100000014000000fc020000000000000000000000000001680301808c0210808802df80970025800400c41ea82119db7cfb257a32909803e38aeee783bbe9554f6c4576286d3869aef5b0d37bc5637f6400000000000000f0c72ab03dd3fe567ee33c1ecfa7cb3bb0e7006557f31376bb7059c8c544866b1678d8be3d279e60bad976fe78f28ab682191ddd258e77a40f0ca9d2fab704d1b3107d500301afe90794493e7b5508803fafbe7a0c56534c8b243d0800b300", @ANYRES32=r0, @ANYBLOB="0014001b00fe80000000000000000000000000000de500f380f9a4c8bc06ba2b87968e32c65c8720933149fd846ce68b8b19d160b94841d92aaeb475376d2f86855c3fa57445728332b9972b20308d34d19f970b3e832a9565dc6b12c980fd026e1d7dd016eddabc80600e6feec0ff76017b743ac4d97b5ef823fc8e9243a21435a9cc23ee3909628ca956b64e0400aa80940a939e823f2b38b137dafc16989b76b21d7ab61cd1345238cd9348101946b73e152d60603ab520a885e521a8911a4c5c25900e86f27d55c31d2818ea33392b9db6484bdc9918e5b87603567c83e9eb8d311e3f8666033b2abd148fba3d88f4047825a5c56fab1c630000006f004480040079808ba4a09eafe46239ed7d87621be1f92bceebf70b417287acf8f76cd4ccdd708890836069593cbd86948ced8a43f62a3ef766c79302d078e5b6f83c44e5819fe86cfc07449f1c230de59f9a8b96ceb2a5435fc350891d953efb4ba5de49616104004c8004005e80007d0011801545f6971726512ef79338170daa23f4852cbc1f4397cbf9f6b1424b66e3d1d077d2ff00c973276a7ccda5b1de8de0ef941659649511c096f5ff3d1bbf1cbe3459e014e376fe9b0dc72e19b8e78c83b2b43e7ce940dea0a7daafdf2fc97fb0292b0792fbc51ba2d8df7e3b6e240fee7199ba1a14957afbc60e00000006c20080dca9aa0df296f20e002e7f000196e2e271acf0237113198029ae4cb3479cf392839b79fbae4efc443a2c1324c7eb39dadefe1ea97a884a94b1266b2a519a981abf7e1da5c28c675f2579a8cdc3c39121fefaa8f857c67f1a9f0f493a8146a7b95d4102387bf679a6e7546212e53de0badbf87a329ae5b339ab278b0b177addce23eb25da43acb0184876c8c0f9980d7d74384041b3cac1b2c707bd4bcb7a10ce7d8b02a62767803abe1f830531a741f0a6d3b807a7633fca45d0d972a04f7b966617cd69eef88da62d8b50653ab69364875eb7450800020000000000"], 0x398}, 0x1, 0x0, 0x0, 0x4000001}, 0x4000000) sendmsg$IPCTNL_MSG_CT_NEW(0xffffffffffffffff, 0x0, 0x0) r4 = mmap$binder(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0x1, 0x11, 0xffffffffffffffff, 0x9) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000003c0)={0x1c, 0x0, &(0x7f0000000180)=[@clear_death={0x400c630f, 0x2}, @free_buffer={0x40086303, r4}], 0xff, 0x0, &(0x7f00000002c0)="52f3841feee64667c29bf08d298c003235693fdde3b9736c11bf8cb67dff15ced64c4817b1fbbc5cd85b49fe3663f165ae864da2841d140647c3b844d32501f039a6e75c5138a08c3d0ef1195fa2ac7f213d72c077f368eebb949ec1c40bc4248c1eedd8cc0428ff20cd35174d891b9cac2a0d106938768e414c92238efde6362655ee4d411f89ce18ebcd0a323f9b0c19eaca55ca523174703cb527cf09e1df214aa5ac40ece6ba3ec1cdf083a8fef8c2e6915373d956de249fb808e1d4b640454ab8871a3d0c6849c4b5ddca6718de5c25ff79144aa7eac5f43f72a0abc0e62ae05a60de78119b2a23fa61067b6b10fc68774ffe87712ae7ae72863fe4cd"}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r6 = dup(r5) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'gcm_base(ctr(aes-aesni),ghash-generic)\x00'}, 0x58) r8 = accept4(r7, 0x0, 0x0, 0x0) syz_genetlink_get_family_id$ipvs(&(0x7f00000001c0), r8) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f00000000c0)) ioctl$AUTOFS_IOC_PROTOVER(r6, 0x80049363, &(0x7f00000004c0)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000080)={{&(0x7f0000ffd000/0x3000)=nil, 0x3000}, 0x1}) r9 = socket$inet_smc(0x2b, 0x1, 0x0) shutdown(r9, 0x2000000) madvise(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x19) socket(0x2, 0x80000, 0x622) ioctl$UFFDIO_COPY(0xffffffffffffffff, 0xc028aa05, &(0x7f0000000040)={&(0x7f0000ffd000/0x3000)=nil, &(0x7f0000000000/0x3000)=nil, 0x3000, 0x2}) 4.82091206s ago: executing program 3 (id=71): socket(0x5, 0x5, 0x0) keyctl$unlink(0x9, 0x0, 0xfffffffffffffffd) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000300)=0x4) r1 = openat$sndseq(0xffffff9c, &(0x7f0000000340), 0x40) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000480)={{0x0, 0x7}, {0x3, 0xf}, 0x1, 0x5, 0x8}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2) socket$inet6_sctp(0xa, 0x801, 0x84) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) r4 = memfd_secret(0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r4, 0x0) r5 = userfaultfd(0x80001) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x309}) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000080)={{&(0x7f000050a000/0x13000)=nil, 0x13000}, 0x1}) readv(r2, &(0x7f00000002c0)=[{&(0x7f0000000400)=""/224, 0xe0}], 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x18) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)=@usbdevfs_disconnect={0x3}) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0x80045505, &(0x7f0000000040)=@usbdevfs_disconnect={0x1}) ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000000)={0x1, 0x1}) 4.64400306s ago: executing program 3 (id=72): setpriority(0x0, 0x0, 0x7) r0 = mq_open(&(0x7f0000000040)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!Tnux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000000)={0x0, 0x1, 0x8}) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2000000, 0x0) chdir(&(0x7f0000000280)='./file0\x00') creat(&(0x7f0000000300)='./bus\x00', 0x15d) r4 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x143042, 0xfe) ftruncate(r5, 0x2008002) r6 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r6, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10) ioctl$sock_SIOCOUTQ(r6, 0x5411, &(0x7f0000001c80)) sendfile(r4, r5, 0x0, 0x80000001) mq_timedreceive(r0, 0x0, 0xfffffffffffffee3, 0x1, 0x0) mq_timedreceive(r0, &(0x7f0000000180)=""/196, 0xc4, 0x0, 0x0) mq_timedreceive(r0, &(0x7f0000000440)=""/30, 0x1e, 0x80000000, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x1) 4.026969024s ago: executing program 0 (id=73): mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x1000002, 0x2172, 0xffffffffffffffff, 0x388f9000) r0 = openat$tun(0xffffff9c, &(0x7f00000010c0), 0x600, 0x0) ioctl$TUNSETVNETBE(r0, 0x400454de, &(0x7f0000001100)=0x1) munmap(&(0x7f0000002000/0x2000)=nil, 0x2000) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f00000002c0)={0x26, 'skcipher\x00', 0x0, 0x0, 'pcbc(xeta)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r1, 0x117, 0x1, &(0x7f0000000000)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r2 = accept4(r1, 0x0, 0x0, 0x0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r3, 0x84, 0x9, 0x0, &(0x7f0000000140)) sendmsg$DEVLINK_CMD_SB_PORT_POOL_GET(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000200)={0x48, 0x0, 0x400, 0x70bd26, 0x25dfdbfb, {}, [{{@pci={{0x8}, {0x11}}, {0x8, 0x3, 0x1}}, {0x8, 0xb, 0x8}, {0x6, 0x11, 0x1}}]}, 0x48}, 0x1, 0x0, 0x0, 0x880}, 0x40) r4 = socket$netlink(0x10, 0x3, 0x0) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r4, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000080)=@bridge_delneigh={0x1c, 0x1d, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r6}}, 0x1c}}, 0x0) recvmsg(r2, &(0x7f00000000c0)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000001680)=""/4084, 0xff4}], 0x1}, 0x12041) r7 = socket$nl_route(0x10, 0x3, 0x0) r8 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r8, 0x8933, &(0x7f0000000000)={'bridge0\x00', 0x0}) sendmsg$nl_route(r7, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000800)=ANY=[@ANYBLOB="240000007000010000000000feffffff07001e003c2eb7118bc1fc8fdaf15148b7400e29fb8f025a04a30e79f06770edc0ceba0291d99a", @ANYRES32=r9, @ANYBLOB="0c0001800800010000000000"], 0x24}}, 0x0) r10 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r10, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) write$bt_hci(r10, &(0x7f0000000580)=ANY=[@ANYBLOB="4300000002"], 0x8) r11 = syz_open_dev$media(&(0x7f0000000000), 0x0, 0x0) ioctl$MEDIA_IOC_ENUM_LINKS(r11, 0xc01c7c02, 0x0) r12 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000000000)='cmdline\x00') prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x12, 0xffffffffffffffff, 0x0) quotactl$Q_SYNC(0xffffffff80000100, 0x0, 0x0, 0x0) preadv(r12, &(0x7f0000000780)=[{&(0x7f0000000040)=""/184, 0xb8}, {&(0x7f0000000100)=""/241, 0xf1}, {&(0x7f0000000200)=""/84, 0x54}, {&(0x7f0000000280)=""/241, 0x146}, {&(0x7f0000000380)=""/185, 0xb9}, {&(0x7f0000000440)=""/156, 0x9c}, {&(0x7f00000005c0)=""/137, 0x89}, {&(0x7f0000000500)=""/12, 0xc}, {&(0x7f0000000680)=""/244, 0xf4}], 0x9, 0xb0, 0x40000) 3.871657228s ago: executing program 0 (id=74): sendmsg$netlink(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) connect$inet6(0xffffffffffffffff, 0x0, 0x0) socket(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f0000000280)='contention_end\x00', r0}, 0x10) mkdirat$cgroup_root(0xffffffffffffff9c, 0x0, 0x1ff) bind$bt_hci(0xffffffffffffffff, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) r1 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0x7, 0x8008, 0xc, 0x3, 0x1, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x5, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bind$bt_hci(r1, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) write(r1, &(0x7f0000000040)="05000000010000", 0x7) write$bt_hci(0xffffffffffffffff, &(0x7f00000005c0)=ANY=[@ANYBLOB="0e00000002"], 0x8) syz_usb_control_io$printer(0xffffffffffffffff, 0x0, &(0x7f0000000c80)={0x34, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_emit_vhci(&(0x7f00000001c0)=ANY=[@ANYRESOCT], 0xffffffffffffffee) r2 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = eventfd2(0x0, 0x0) ioctl$KVM_IOEVENTFD(r3, 0x4040ae79, &(0x7f0000000180)={0x4, 0xffff1000, 0x8, r4}) close_range(r3, r4, 0x0) syz_emit_vhci(&(0x7f0000000140)=ANY=[@ANYBLOB="0403"], 0x14) socket$can_bcm(0x1d, 0x2, 0x2) socket$unix(0x1, 0x5, 0x0) r5 = bpf$MAP_CREATE(0x1900000000000000, &(0x7f0000000040)=ANY=[@ANYBLOB="1b00000000000000000000000020"], 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000001240)={0x8, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB="1800000000000000000000000000002018110000", @ANYRES32=r5, @ANYBLOB], &(0x7f0000000200)='syzkaller\x00', 0xa, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r6 = socket$kcm(0x10, 0x3, 0x10) sendmsg$kcm(r6, &(0x7f0000000000)={0x0, 0xd18c9b25, &(0x7f0000000080)=[{&(0x7f0000000040)="e03f03003e000b05d25a806c8c6f94f90324fc60100005000a000248053582c137153e37000c0980fc0b10000300", 0x33fe0}], 0x1}, 0x0) bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, 0x0, 0x0) 3.679374616s ago: executing program 3 (id=76): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a80000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48) 3.594202271s ago: executing program 1 (id=77): socket$inet6_mptcp(0xa, 0x1, 0x106) r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) r1 = openat$cgroup_ro(0xffffffffffffff9c, 0x0, 0x7a05, 0x1700) write$cgroup_subtree(r1, 0x0, 0x32600) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r2, &(0x7f0000000280)={0xa, 0x2, 0x0, @empty}, 0x1c) listen(r2, 0x2) r3 = accept4(r2, 0x0, 0x0, 0x0) init_module(0x0, 0x82a, 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(0xffffffffffffffff, 0xc08c5332, 0x0) r4 = openat$procfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) read$FUSE(r4, 0x0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x20000845, &(0x7f0000b63fe4)={0xa, 0x2, 0x0, @loopback}, 0x1c) bpf$PROG_LOAD(0x5, 0x0, 0x0) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r3, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000340)={&(0x7f00000006c0)=ANY=[], 0x60}, 0x1, 0x0, 0x0, 0x20004010}, 0x1) r6 = eventfd(0x4008) ioctl$VHOST_SET_LOG_FD(r0, 0x4004af07, &(0x7f00000002c0)=r6) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000040)={0x1, r6}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000140)={0x0, 0x0, 0x0, &(0x7f0000000500)=""/59, 0x0}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000280)={0x1, 0x1, 0x0, &(0x7f00000000c0)=""/74, &(0x7f0000000480)=""/67, 0xdddd1000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000e80)={0x6, 0x0, [{0x8000000, 0xc1, &(0x7f0000000a80)=""/193}, {0xd5d75000, 0x52, &(0x7f0000000bc0)=""/82}, {0x2, 0x84, &(0x7f0000000c40)=""/132}, {0xdddd0000, 0x82, &(0x7f0000000f80)=""/130}, {0xdddd1000, 0x2b, &(0x7f0000000080)=""/43}, {0x1000, 0xbd, &(0x7f0000000dc0)=""/189}]}) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f0000000000)=0x1ff) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r7 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) openat2$dir(0xffffff9c, &(0x7f0000000180)='./file0\x00', &(0x7f0000000680)={0x300, 0x103, 0x22}, 0x18) ioctl$VHOST_SET_MEM_TABLE(r7, 0x4008af03, &(0x7f0000000940)={0x8, 0x0, [{0x80a0000, 0xc9, &(0x7f0000000300)=""/201}, {0x2000, 0xf, &(0x7f0000000540)=""/15}, {0xeeee0000, 0x49, &(0x7f0000000200)=""/73}, {0x0, 0x5a, &(0x7f0000000400)=""/90}, {0x1, 0xef, &(0x7f0000000580)=""/239}, {0x3000, 0xc8, &(0x7f00000006c0)=""/200}, {0x1, 0x5a, &(0x7f00000007c0)=""/90}, {0x4, 0xd3, &(0x7f0000000840)=""/211}]}) read$msr(r7, &(0x7f0000019680)=""/102392, 0x18ff8) 3.588220318s ago: executing program 2 (id=78): socket(0x5, 0x5, 0x0) keyctl$unlink(0x9, 0x0, 0xfffffffffffffffd) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000300)=0x4) r1 = openat$sndseq(0xffffff9c, &(0x7f0000000340), 0x40) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000480)={{0x0, 0x7}, {0x3, 0xf}, 0x1, 0x5, 0x8}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2) socket$inet6_sctp(0xa, 0x801, 0x84) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) r4 = memfd_secret(0x0) ftruncate(r4, 0x51a9497) r5 = userfaultfd(0x80001) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x309}) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000080)={{&(0x7f000050a000/0x13000)=nil, 0x13000}, 0x1}) readv(r2, &(0x7f00000002c0)=[{&(0x7f0000000400)=""/224, 0xe0}], 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x18) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)=@usbdevfs_disconnect={0x3}) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0x80045505, &(0x7f0000000040)=@usbdevfs_disconnect={0x1}) ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000000)={0x1, 0x1}) 3.510213283s ago: executing program 3 (id=79): setpriority(0x0, 0x0, 0x7) r0 = mq_open(&(0x7f0000000040)='!\x7f\x00\xca\x00\x00\x00\f\x00\x00\x01E!Tnux\x00', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000000)={0x0, 0x1, 0x8}) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000400)='ramfs\x00', 0x2000000, 0x0) chdir(&(0x7f0000000280)='./file0\x00') creat(&(0x7f0000000300)='./bus\x00', 0x15d) r4 = open(&(0x7f00000000c0)='./bus\x00', 0x14103e, 0x0) r5 = open(&(0x7f0000000000)='./file0\x00', 0x143042, 0xfe) ftruncate(r5, 0x2008002) r6 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r6, &(0x7f0000000200)={0x28, 0x0, 0x0, @my=0x1}, 0x10) ioctl$sock_SIOCOUTQ(r6, 0x5411, &(0x7f0000001c80)) sendfile(r4, r5, 0x0, 0x80000001) mq_timedreceive(r0, 0x0, 0xfffffffffffffee3, 0x1, 0x0) mq_timedreceive(r0, &(0x7f0000000180)=""/196, 0xc4, 0x0, 0x0) mq_timedreceive(r0, &(0x7f0000000440)=""/30, 0x1e, 0x80000000, 0x0) ioctl$TIOCL_UNBLANKSCREEN(0xffffffffffffffff, 0x541c, &(0x7f0000000000)) 2.922210208s ago: executing program 0 (id=80): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x200000d, 0x4008031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r0 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r0, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/65, 0x328000, 0x800}, 0x20) syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600002, 0x8) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) r1 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_emit_ethernet(0x82, &(0x7f0000000400)=ANY=[@ANYBLOB="ffffffffffff0000000000000800450000740000000000019078ac1e0001ac1414aa05019078e00000e0460000000082000000110000ac1414aa00000000830300070300443c0003640101840000000000000000000000000a010100dc4cf53cf46a00000000ac1414bb000000000000000000000000ac14140000000000000000f3ffffff000000862dad56d9052cc57042473a03b8dfc932925f"], 0x0) setsockopt$IP6T_SO_SET_REPLACE(r1, 0x29, 0x40, &(0x7f0000000600)=@filter={'filter\x00', 0x2, 0x4, 0x488, 0xffffffff, 0xf4, 0xf4, 0xf4, 0xfeffffff, 0xffffffff, 0x3c0, 0x3c0, 0x3c0, 0xffffffff, 0x4, 0x0, {[{{@uncond, 0x2f2, 0xd0, 0xf4, 0x0, {}, [@common=@srh={{0x2c}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xcd0e49ae371085da}}]}, @REJECT={0x24, 'REJECT\x00', 0x0, {0x3}}}, {{@uncond, 0x0, 0x198, 0x1bc, 0x0, {}, [@common=@inet=@recent0={{0xf4}, {0x7, 0x2, 0x1, 0x0, 'syz1\x00', 0x80}}]}, @REJECT={0x24}}, {{@uncond, 0x0, 0xec, 0x110, 0x0, {}, [@common=@eui64={{0x24}}, @common=@mh={{0x24}, {"8000", 0x1}}]}, @REJECT={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x4e4) r2 = socket$inet_udplite(0x2, 0x2, 0x88) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r4 = socket(0x400000000010, 0x3, 0x0) r5 = socket$unix(0x1, 0x1, 0x0) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000100)={'syzkaller0\x00', 0x0}) sendmsg$nl_route_sched(r4, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000005c0)=@newqdisc={0x38, 0x24, 0x4ee4e6a52ff56541, 0x70bd2a, 0xffffffff, {0x0, 0x0, 0x0, r6, {0x0, 0x1}, {0xffff, 0xffff}, {0x0, 0x9}}, [@qdisc_kind_options=@q_multiq={{0xb}, {0x8}}]}, 0x38}}, 0x0) sendmsg$nl_route_sched(r4, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000340)=@newtfilter={0x84, 0x2c, 0xd27, 0x30bd29, 0x25dfdbfd, {0x0, 0x0, 0x0, r6, {0xb, 0xfff3}, {}, {0x7}}, [@filter_kind_options=@f_matchall={{0xd}, {0x50, 0x2, [@TCA_MATCHALL_ACT={0x4c, 0x2, [@m_gact={0x48, 0x1, 0x0, 0x0, {{0x9}, {0x1c, 0x2, 0x0, 0x1, [@TCA_GACT_PARMS={0x18, 0x2, {0x7ff, 0x80000001, 0x0, 0x9, 0xd}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x2, 0x3}}}}]}]}}]}, 0x84}, 0x1, 0x0, 0x0, 0x10}, 0x40800) r7 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) dup3(r7, r2, 0x80000) getsockopt$inet_IP_IPSEC_POLICY(r2, 0x0, 0x10, 0x0, &(0x7f0000003c00)) 2.665520206s ago: executing program 2 (id=81): socket(0x5, 0x5, 0x0) keyctl$unlink(0x9, 0x0, 0xfffffffffffffffd) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000300)=0x4) r1 = openat$sndseq(0xffffff9c, &(0x7f0000000340), 0x40) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000480)={{0x0, 0x7}, {0x3, 0xf}, 0x1, 0x5, 0x8}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2) socket$inet6_sctp(0xa, 0x801, 0x84) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) r4 = memfd_secret(0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0xa, 0x11, r4, 0x0) r5 = userfaultfd(0x80001) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x309}) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000080)={{&(0x7f000050a000/0x13000)=nil, 0x13000}, 0x1}) readv(r2, &(0x7f00000002c0)=[{&(0x7f0000000400)=""/224, 0xe0}], 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x18) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)=@usbdevfs_disconnect={0x3}) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0x80045505, &(0x7f0000000040)=@usbdevfs_disconnect={0x1}) ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000000)={0x1, 0x1}) 2.595559189s ago: executing program 3 (id=82): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r1, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000100)={0x14, 0x23, 0x701, 0xfffffffc, 0x0, {0x3}}, 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x4) r2 = socket$pppl2tp(0x18, 0x1, 0x1) r3 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(r2, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r3, {0x2, 0x0, @dev}, 0x2}}, 0x2e) close(r2) r4 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r4, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev}, 0x2, 0x0, 0x0, 0x2}}, 0x2e) ioctl$PPPIOCGL2TPSTATS(r4, 0x8004745a, &(0x7f0000000040)) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f00000002c0)={{0x14}, [@NFT_MSG_NEWTABLE={0x20, 0x0, 0xa, 0x201, 0x0, 0x0, {0x1}, [@NFTA_TABLE_NAME={0x9, 0x1, 'syz0\x00'}]}, @NFT_MSG_NEWFLOWTABLE={0x38, 0x16, 0xa, 0x401, 0x0, 0x0, {0x1}, [@NFTA_FLOWTABLE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_FLOWTABLE_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_FLOWTABLE_HOOK={0xc, 0x3, 0x0, 0x1, [@NFTA_FLOWTABLE_HOOK_NUM={0x8}]}]}], {0x14, 0x10}}, 0x80}}, 0x0) r7 = socket$inet_mptcp(0x2, 0x1, 0x106) r8 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r8, 0x1, r7, &(0x7f0000000400)={0xc0000006}) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000000)={'wlan0\x00', 0x0}) r10 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r10, 0x6, 0x13, &(0x7f0000000000)=0x100000001, 0x4) connect$inet6(r10, &(0x7f0000000200)={0xa, 0x0, 0x0, @ipv4={'\x00', '\xff\xff', @dev}}, 0x1c) setsockopt$inet6_IPV6_ADDRFORM(r10, 0x29, 0x1, &(0x7f0000000080), 0x4) setsockopt$inet6_tcp_TCP_ULP(r10, 0x6, 0x1f, &(0x7f00000000c0), 0x4) setsockopt$inet6_tcp_TLS_TX(r10, 0x11a, 0x2, &(0x7f0000000180)=@gcm_256={{0x303}, "c4915c7f49541ce8", "9b84f987950ff3df25fa8f46983d34157e047d27ae4a66a6d15608a32cbaa5bc", '\x00', "be0ea450d5a5fd03"}, 0x38) recvmmsg(r10, &(0x7f0000003600), 0x58, 0x10020, 0x0) sendmsg$NL80211_CMD_FRAME(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000180)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000003b00000008000300", @ANYRES32=r9, @ANYBLOB="1f003300d0000000080211000001080211000000505050505050"], 0x3c}}, 0x0) 2.581301347s ago: executing program 1 (id=83): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="00005df400000000b7efeb2825b7d992820573349bdd3f12d805000008000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x5}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) connect$802154_dgram(r1, 0x0, 0x0) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf) r6 = fcntl$dupfd(r5, 0x0, r5) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$TCFLSH(r6, 0x400455c8, 0x20000000009) ioctl$TIOCSETD(r6, 0x5412, &(0x7f0000000000)=0x3) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket$inet6(0xa, 0x3, 0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vxcan1\x00', 0x0}) bind$can_j1939(0xffffffffffffffff, &(0x7f0000000000)={0x1d, r8, 0x2}, 0x18) setsockopt$inet6_MCAST_MSFILTER(r7, 0x29, 0x30, &(0x7f0000000800)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x90) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r9, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000080)={0xb9, 0x1, 0x1, 0x301, 0x0, 0x0, {0x9a8f1c0534649a82, 0x0, 0xa}}, 0xb8}}, 0x8a4) 2.512214525s ago: executing program 0 (id=84): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0x5, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="00005df400000000b7efeb2825b7d992820573349bdd3f12d805000008000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x3, 0x5}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r1 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) connect$802154_dgram(r1, 0x0, 0x0) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r5 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TIOCSETD(r5, 0x5423, &(0x7f00000000c0)=0xf) r6 = fcntl$dupfd(r5, 0x0, r5) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) ioctl$TCFLSH(r6, 0x400455c8, 0x20000000009) (fail_nth: 1) ioctl$TIOCSETD(r6, 0x5412, &(0x7f0000000000)=0x3) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) socket$nl_netfilter(0x10, 0x3, 0xc) r7 = socket$inet6(0xa, 0x3, 0x4) ioctl$ifreq_SIOCGIFINDEX_vcan(0xffffffffffffffff, 0x8933, &(0x7f0000000200)={'vxcan1\x00', 0x0}) bind$can_j1939(0xffffffffffffffff, &(0x7f0000000000)={0x1d, r8, 0x2}, 0x18) setsockopt$inet6_MCAST_MSFILTER(r7, 0x29, 0x30, &(0x7f0000000800)={0x1, {{0xa, 0x0, 0x0, @mcast2}}}, 0x90) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_GET(r9, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x2000000}, 0xc, &(0x7f00000002c0)={&(0x7f0000000080)={0xb9, 0x1, 0x1, 0x301, 0x0, 0x0, {0x9a8f1c0534649a82, 0x0, 0xa}}, 0xb8}}, 0x8a4) 2.042378725s ago: executing program 3 (id=85): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'adiantum(xchacha20-simd,anubis-generic,nhpoly1305-sse2)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd301e5a47b2f3caa73dcd2a6a370554375a", 0x20) r1 = accept4(r0, 0x0, 0x0, 0x0) recvmmsg$unix(r1, &(0x7f0000001540)=[{{0x0, 0x0, &(0x7f0000000100)=[{&(0x7f0000000280)=""/50, 0x32}], 0x1}}], 0x1, 0x2001, 0x0) sendmsg$nl_route_sched(r1, &(0x7f0000013a40)={0x0, 0x0, &(0x7f0000013a00)={&(0x7f00000158c0), 0x10b8c}}, 0x0) syz_usb_connect(0x5, 0x34, 0x0, 0x0) r2 = openat$audio(0xffffffffffffff9c, &(0x7f0000000140), 0x40000000040201, 0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r2, 0xc004500a, &(0x7f0000000080)) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}, {}, {}, {}, {}, {0xfffffffc}, {0x400000}], 0x0, 0x4}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) openat$apparmor_thread_current(0xffffff9c, 0x0, 0x2, 0x0) r4 = syz_io_uring_setup(0x112, &(0x7f0000000140)={0x0, 0x63c1, 0x1, 0x0, 0x1000000}, &(0x7f0000000240)=0x0, &(0x7f0000000040)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r5, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r5, r6, &(0x7f00000000c0)=@IORING_OP_PROVIDE_BUFFERS={0x1f, 0x2, 0x0, 0x5, 0x0, 0x0, 0x1}) io_uring_enter(r4, 0x568a, 0xb277, 0x0, 0x0, 0x0) r7 = mq_open(&(0x7f0000000380)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\x01\x00\x00\x00a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|\x00\x17\xc0\xa3\xd5\xf9\xaa\x98/\xa4v\xe4)I\xf3+[e\x95\x89\x99\xca\x8e\xc5\xd3\\T\xf0\x1a|5\xfff\xff\x99\xa4\xbb\x9e#oR\xa4\xf1\xba\x04c\xb3-\xf7R\xb85\xb5\xdb\xe9?\xfa/\xdf\xb4R\xbfx=\v_j\x8e\xb0\'\xf4\xe5\xff!\xe1\xbf\x82e\xb1\x9b\x8d\xf3L\t\xd21\x9cbwV\xc8\xcc\xe4\x96M_w\xbc\xdf9\b\r\xf6\x95\xae\xb5,\x92\x8c\xc0DQm\x80\xd1w\xa2\x1a\x12Z\xe5\xf4H\xf7D\n\x96J\x93\xfb\xf0$\x9f\xf7\xa2\xae$O\xa3\xb6\xf5\x98\xd3\v\x00\x86\xa5\x8b\x81\x04\xaf\x03s\xe5\x86>\x0e\xa6\xe6\x1aV\x17\x8b\xed\xa7\'\xd0\r_\xe8,XVR\x13\xe5%\xb9\x88\xb8W@D\'\x17A\xc8\x80\x02J\xd4V\x00wH(\xc5v\f\xc9\xb6\xdf..$\xe6P(_\xf1\'\xc1:\xa3\xcb\xd9\xd1\xc7\x13\x99Md\x1dc\xf1\'j\x03!\x13\xd1\xb8\xbf\xe6\xb2M\b/\rp\xa5\x00\x00\x00\x00', 0x40, 0x9, 0x0) fcntl$setlease(r7, 0x400, 0x0) mq_open(&(0x7f00005a1ffb)='eth0\x00', 0x42, 0x0, 0x0) 1.739820364s ago: executing program 2 (id=86): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000260018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000800007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000012c0)=ANY=[@ANYBLOB="02000000040000000600000005"], 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000400)=ANY=[@ANYRESDEC=r1, @ANYRES32=r1, @ANYRES8=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x28, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x33, r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000500)='percpu_free_percpu\x00', r3}, 0x18) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='syzkaller\x00', 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000500)='percpu_free_percpu\x00', r4}, 0x10) r6 = socket$kcm(0x10, 0x2, 0x0) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(r5, 0x28, 0x1, &(0x7f0000000040)=0x5, 0x8) sendmsg$kcm(r6, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000300)="2e00000011008108090f9becdb4cb92e0a4831371400000069bd6efb2502eaf60d000100020400bf050005001201", 0x2e}], 0x1}, 0xc0010) r7 = accept4$inet6(0xffffffffffffffff, 0x0, &(0x7f0000000180), 0x80000) setsockopt$inet6_udp_int(r7, 0x11, 0xb, &(0x7f00000001c0)=0x8655, 0x4) 1.697152021s ago: executing program 2 (id=87): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x1f, 0x2, &(0x7f0000001c40)=ANY=[@ANYBLOB="85000000a80000"], &(0x7f00000000c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x13, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000500)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x2, 0xc, 0x1400, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="0c000000040000000400000009"], 0x48) 1.628566095s ago: executing program 2 (id=88): syz_open_dev$tty1(0xc, 0x4, 0x1) write$UHID_INPUT(0xffffffffffffffff, &(0x7f0000001980)={0x9, {"a2e3ad214fc752f91b2909094bf70e0dd038e7ff7fc6e5539b324c078b089b32323b6d1a0890e0878f0e1ac6e7049b076d959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b130daa61d8e809ea889b5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae19397d696d0d758f2dc7d1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdc69c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc94681359bad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828563e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b4bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d9560ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f733b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6ea94f88a4facfd4c735a20307c737afae5136651b1b9bd522dcb399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab83c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00303000000000000007fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57fa9c0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d3679507000000000000934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e90f39c3dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x1000}}, 0x1006) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000300)='smb3\x00', 0x10, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) socket$inet_mptcp(0x2, 0x1, 0x106) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg(r1, &(0x7f00000006c0)={0x0, 0x0, 0x0}, 0x20000000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r4 = syz_open_dev$dmmidi(&(0x7f0000000200), 0x2, 0x0) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(r4, 0xc0305720, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) 750.060296ms ago: executing program 2 (id=89): socket(0x5, 0x5, 0x0) keyctl$unlink(0x9, 0x0, 0xfffffffffffffffd) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x10, &(0x7f0000000ac0)=ANY=[], &(0x7f0000000040)='syzkaller\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x8, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x3, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000300)=0x4) r1 = openat$sndseq(0xffffff9c, &(0x7f0000000340), 0x40) ioctl$SNDRV_SEQ_IOCTL_GET_SUBSCRIPTION(r1, 0xc0505350, &(0x7f0000000480)={{0x0, 0x7}, {0x3, 0xf}, 0x1, 0x5, 0x8}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeea, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000100)=0x2) socket$inet6_sctp(0xa, 0x801, 0x84) openat$vim2m(0xffffffffffffff9c, &(0x7f0000000340), 0x2, 0x0) r4 = memfd_secret(0x0) ftruncate(r4, 0x51a9497) r5 = userfaultfd(0x80001) ioctl$UFFDIO_API(r5, 0xc018aa3f, &(0x7f00000000c0)={0xaa, 0x309}) ioctl$UFFDIO_REGISTER(r5, 0xc020aa00, &(0x7f0000000080)={{&(0x7f000050a000/0x13000)=nil, 0x13000}, 0x1}) readv(r2, &(0x7f00000002c0)=[{&(0x7f0000000400)=""/224, 0xe0}], 0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x18) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)=@usbdevfs_disconnect={0x3}) ioctl$USBDEVFS_IOCTL(0xffffffffffffffff, 0x80045505, &(0x7f0000000040)=@usbdevfs_disconnect={0x1}) ioctl$USBDEVFS_CLEAR_HALT(0xffffffffffffffff, 0x80045515, &(0x7f0000000000)={0x1, 0x1}) 110.451063ms ago: executing program 1 (id=90): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$key(0xf, 0x3, 0x2) sendmsg$key(r1, &(0x7f0000000040)={0xa, 0x0, &(0x7f0000000340)={&(0x7f0000000080)={0x2, 0x5, 0x0, 0x2, 0x9, 0x0, 0x0, 0x25dfdbff, [@sadb_sa={0x2, 0x1, 0x0, 0x0, 0x10, 0xfb}, @sadb_address={0x5, 0x5, 0x0, 0x0, 0x0, @in6={0xa, 0x4e22, 0x8, @private2={0xfc, 0x2, '\x00', 0x1}, 0xfffff4c8}}]}, 0x48}, 0x1, 0x7}, 0x40000) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x4) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x0, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}, {0x2}, {}, {}, {0x0, 0x1000}, {0xff7ffffc, 0x3ff}, {0x400020, 0x7ffffffe}], 0x0, 0x4, 0x0, 0x2}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) r2 = openat$nmem0(0xffffff9c, &(0x7f0000000040), 0x101040, 0x0) getsockopt$XDP_STATISTICS(r2, 0x11b, 0x7, 0x0, &(0x7f00000000c0)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) setresuid(0x0, 0x0, 0x0) eventfd(0x80001ff) ioctl$VHOST_SET_MEM_TABLE(0xffffffffffffffff, 0x4008af03, 0x0) ioctl$sock_bt_bnep_BNEPGETSUPPFEAT(r2, 0x800442d4, &(0x7f0000000080)=0x3) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000180)=ANY=[]) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) socket$nl_route(0x10, 0x3, 0x0) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x11, 0x800000000004, @tid=r4}, &(0x7f0000000200)) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0x0) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x2, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f00000002c0), 0x4) r5 = syz_open_dev$swradio(&(0x7f0000000000), 0x1, 0x2) splice(r5, &(0x7f00000000c0)=0xffffffff, r0, &(0x7f0000000140)=0x3, 0x4, 0x9) 0s ago: executing program 0 (id=91): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_PEER_ADDR_PARAMS(r0, 0x84, 0x25, 0x0, 0x0) ioctl$VIDIOC_DECODER_CMD(0xffffffffffffffff, 0xc0485660, &(0x7f0000000200)={0x2, 0x1, @stop_pts=0x7}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$full(0xffffff9c, 0x0, 0x181000, 0x0) bind$netlink(r1, &(0x7f00000020c0)={0x10, 0x0, 0x25dfdbfd, 0x8000000}, 0xc) r2 = openat$mice(0xffffff9c, &(0x7f0000000080), 0x101080) bind$netlink(r2, &(0x7f00000001c0)={0x10, 0x0, 0x25dfdbff, 0x4}, 0xc) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) r5 = syz_io_uring_setup(0x239, &(0x7f00000002c0)={0x0, 0x4533, 0x10100, 0x0, 0x0, 0x0, r4}, &(0x7f0000000180)=0x0, &(0x7f0000000340)=0x0) syz_io_uring_submit(r6, r7, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r5, 0x2ded, 0x4000, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xc4, &(0x7f0000000480)=""/196, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x5, &(0x7f0000000100)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r8, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r9, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r8, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r10 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r10, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r10, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r10, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r10, &(0x7f0000003c40)=[{{&(0x7f0000000080)={0xa, 0x4e23, 0x0, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r10, 0x84, 0x79, &(0x7f00000000c0)={0x0, 0x100, 0x9f7b}, 0x8) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:20918' (ED25519) to the list of known hosts. [ 42.010048][ T5937] cgroup: Unknown subsys name 'net' [ 42.172628][ T5937] cgroup: Unknown subsys name 'cpuset' [ 42.178114][ T5937] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 43.209388][ T5937] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 46.437929][ T5950] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 46.442825][ T5303] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 46.445867][ T5303] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 46.472681][ T5958] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 46.475018][ T5958] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 46.478770][ T5958] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 46.481916][ T5958] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 46.484217][ T5958] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 46.487209][ T5958] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 46.489850][ T5958] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 46.498858][ T5965] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 46.502921][ T5962] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 46.507598][ T5963] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 46.507740][ T5965] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 46.511918][ T5963] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 46.514848][ T5965] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 46.517036][ T5965] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 46.519107][ T5962] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 46.519150][ T5963] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 46.520057][ T5965] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 46.520436][ T5965] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 46.520860][ T5965] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 46.521270][ T5962] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 46.523564][ T5303] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 46.733973][ T5960] chnl_net:caif_netlink_parms(): no params data found [ 46.762100][ T5955] chnl_net:caif_netlink_parms(): no params data found [ 46.768290][ T5948] chnl_net:caif_netlink_parms(): no params data found [ 46.795712][ T5951] chnl_net:caif_netlink_parms(): no params data found [ 46.910229][ T5960] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.913759][ T5960] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.916760][ T5960] bridge_slave_0: entered allmulticast mode [ 46.919913][ T5960] bridge_slave_0: entered promiscuous mode [ 46.985727][ T5960] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.988332][ T5960] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.992277][ T5960] bridge_slave_1: entered allmulticast mode [ 46.995495][ T5960] bridge_slave_1: entered promiscuous mode [ 46.999528][ T5955] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.001512][ T5955] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.003598][ T5955] bridge_slave_0: entered allmulticast mode [ 47.005751][ T5955] bridge_slave_0: entered promiscuous mode [ 47.079047][ T5955] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.081794][ T5955] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.084785][ T5955] bridge_slave_1: entered allmulticast mode [ 47.089709][ T5955] bridge_slave_1: entered promiscuous mode [ 47.164994][ T5960] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.173928][ T5955] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.197369][ T5948] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.201440][ T5948] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.204582][ T5948] bridge_slave_0: entered allmulticast mode [ 47.208250][ T5948] bridge_slave_0: entered promiscuous mode [ 47.224129][ T5960] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.229650][ T5955] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.233472][ T5948] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.236296][ T5948] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.240269][ T5948] bridge_slave_1: entered allmulticast mode [ 47.243668][ T5948] bridge_slave_1: entered promiscuous mode [ 47.247904][ T5951] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.251518][ T5951] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.253699][ T5951] bridge_slave_0: entered allmulticast mode [ 47.255995][ T5951] bridge_slave_0: entered promiscuous mode [ 47.260004][ T5951] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.262082][ T5951] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.264181][ T5951] bridge_slave_1: entered allmulticast mode [ 47.266398][ T5951] bridge_slave_1: entered promiscuous mode [ 47.332203][ T5960] team0: Port device team_slave_0 added [ 47.372903][ T5960] team0: Port device team_slave_1 added [ 47.377564][ T5955] team0: Port device team_slave_0 added [ 47.383416][ T5948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.389032][ T5951] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.411851][ T5955] team0: Port device team_slave_1 added [ 47.415505][ T5948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.432971][ T5951] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.486679][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.489489][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.499872][ T5960] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.516872][ T5948] team0: Port device team_slave_0 added [ 47.527685][ T5960] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.530462][ T5960] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.540215][ T5960] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.545777][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.547893][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.555828][ T5955] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.559981][ T5955] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.561961][ T5955] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.568989][ T5955] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.573610][ T5948] team0: Port device team_slave_1 added [ 47.578171][ T5951] team0: Port device team_slave_0 added [ 47.585721][ T5951] team0: Port device team_slave_1 added [ 47.630432][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.633053][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.641305][ T5951] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.645776][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.647869][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.657898][ T5948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.673153][ T5951] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.675054][ T5951] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.683164][ T5951] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.687047][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.690125][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.700369][ T5948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.752567][ T5955] hsr_slave_0: entered promiscuous mode [ 47.755309][ T5955] hsr_slave_1: entered promiscuous mode [ 47.760504][ T5960] hsr_slave_0: entered promiscuous mode [ 47.762853][ T5960] hsr_slave_1: entered promiscuous mode [ 47.765648][ T5960] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.770206][ T5960] Cannot create hsr debugfs directory [ 47.829103][ T5948] hsr_slave_0: entered promiscuous mode [ 47.831165][ T5948] hsr_slave_1: entered promiscuous mode [ 47.833022][ T5948] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.835184][ T5948] Cannot create hsr debugfs directory [ 47.867344][ T5951] hsr_slave_0: entered promiscuous mode [ 47.870181][ T5951] hsr_slave_1: entered promiscuous mode [ 47.872654][ T5951] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.875402][ T5951] Cannot create hsr debugfs directory [ 48.156106][ T5955] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 48.163787][ T5955] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 48.171020][ T5955] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 48.183619][ T5955] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 48.209669][ T5948] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 48.215466][ T5948] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 48.222507][ T5948] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 48.227999][ T5948] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 48.256908][ T5960] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 48.264426][ T5960] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 48.269563][ T5960] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 48.274331][ T5960] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 48.302858][ T5951] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 48.314247][ T5951] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 48.319401][ T5951] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 48.324076][ T5951] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 48.389163][ T5955] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.396981][ T5948] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.420276][ T5955] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.425373][ T5960] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.437347][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.439835][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.451388][ T5948] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.459240][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.461708][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.468069][ T5960] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.474421][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.476647][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.487499][ T5951] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.495604][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.498052][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.502710][ T64] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.504737][ T64] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.512578][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.515413][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.535626][ T5951] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.550397][ T5955] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 48.560274][ T5950] Bluetooth: hci2: command tx timeout [ 48.561565][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.562187][ T5952] Bluetooth: hci0: command tx timeout [ 48.562221][ T5965] Bluetooth: hci3: command tx timeout [ 48.564640][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.568589][ T5952] Bluetooth: hci1: command tx timeout [ 48.580289][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.583052][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.707096][ T5955] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.744782][ T5951] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.751562][ T5955] veth0_vlan: entered promiscuous mode [ 48.766335][ T5948] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.770516][ T5955] veth1_vlan: entered promiscuous mode [ 48.775510][ T5960] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.810400][ T5951] veth0_vlan: entered promiscuous mode [ 48.819875][ T5951] veth1_vlan: entered promiscuous mode [ 48.832431][ T5955] veth0_macvtap: entered promiscuous mode [ 48.840370][ T5955] veth1_macvtap: entered promiscuous mode [ 48.851814][ T5948] veth0_vlan: entered promiscuous mode [ 48.859846][ T5948] veth1_vlan: entered promiscuous mode [ 48.868965][ T5960] veth0_vlan: entered promiscuous mode [ 48.879227][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.886076][ T5960] veth1_vlan: entered promiscuous mode [ 48.890453][ T5951] veth0_macvtap: entered promiscuous mode [ 48.896134][ T5955] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.901170][ T5955] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.903816][ T5955] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.906254][ T5955] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.909279][ T5955] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.921540][ T5951] veth1_macvtap: entered promiscuous mode [ 48.953319][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.957520][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.963469][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.967769][ T5948] veth0_macvtap: entered promiscuous mode [ 48.973945][ T5951] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 48.977081][ T5951] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.980786][ T5951] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.004619][ T5951] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.007116][ T5951] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.010176][ T5951] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.013968][ T5951] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.026442][ T5948] veth1_macvtap: entered promiscuous mode [ 49.031394][ T5960] veth0_macvtap: entered promiscuous mode [ 49.039287][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.041782][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.044481][ T5960] veth1_macvtap: entered promiscuous mode [ 49.060641][ T5948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.064959][ T5948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.069880][ T5948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.073967][ T5948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.079246][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.100366][ T5948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.104593][ T5948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.108286][ T5948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.113337][ T5948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.117970][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.122399][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.125320][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.131847][ T5948] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.135107][ T5948] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.138189][ T5948] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.141530][ T5948] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.149641][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.153921][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.157668][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.161916][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.165665][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.169794][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.174772][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.179287][ T64] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.179884][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.181584][ T64] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.184596][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.189795][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.192757][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.195485][ T5960] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.198353][ T5960] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.203523][ T5960] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.213650][ T5960] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.216224][ T5960] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.218918][ T5960] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.221446][ T5960] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.232505][ T5955] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 49.238080][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.240822][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.266356][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.269253][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.299806][ T1106] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.302811][ T1106] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.315486][ T74] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.317725][ T74] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.328166][ T6018] netlink: 132 bytes leftover after parsing attributes in process `syz.0.1'. [ 49.332369][ T6018] openvswitch: netlink: Flow key attr not present in new flow. [ 49.341932][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.351625][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.478123][ T6027] netlink: 132 bytes leftover after parsing attributes in process `syz.1.2'. [ 49.481266][ T6027] openvswitch: netlink: Flow key attr not present in new flow. [ 49.961203][ T6041] netlink: 4 bytes leftover after parsing attributes in process `syz.2.6'. [ 50.168854][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 50.208107][ T6044] Bluetooth: MGMT ver 1.23 [ 50.338884][ T5965] Bluetooth: hci1: unexpected event 0x03 length: 17 > 11 [ 50.503616][ T6050] netlink: 132 bytes leftover after parsing attributes in process `syz.3.9'. [ 50.512425][ T6050] openvswitch: netlink: Flow key attr not present in new flow. [ 50.638775][ T5965] Bluetooth: hci1: command tx timeout [ 50.640960][ T5965] Bluetooth: hci0: command tx timeout [ 50.643122][ T5965] Bluetooth: hci3: command tx timeout [ 50.645710][ T5950] Bluetooth: hci2: command tx timeout [ 51.676536][ T6058] netlink: 132 bytes leftover after parsing attributes in process `syz.1.11'. [ 51.680321][ T6058] openvswitch: netlink: Flow key attr not present in new flow. [ 52.102283][ T6067] capability: warning: `syz.3.15' uses deprecated v2 capabilities in a way that may be insecure [ 52.248730][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.255581][ T5952] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 52.533639][ T6072] RDS: rds_bind could not find a transport for fc00::1, load rds_tcp or rds_rdma? [ 52.591349][ T5950] Bluetooth: hci0: unexpected event 0x03 length: 17 > 11 [ 52.718732][ T5950] Bluetooth: hci2: command tx timeout [ 52.718921][ T5303] Bluetooth: hci3: command tx timeout [ 52.718922][ T5965] Bluetooth: hci0: command 0x040f tx timeout [ 52.719456][ T5962] Bluetooth: hci1: command tx timeout [ 52.730223][ T5952] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 53.539471][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.008939][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 54.399138][ T6101] netlink: 4 bytes leftover after parsing attributes in process `syz.2.24'. [ 54.402785][ T6101] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 54.405147][ T6101] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 54.416804][ T6101] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 54.419398][ T6101] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 54.663939][ T40] audit: type=1800 audit(1739498560.897:2): pid=6103 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.22" name="file1" dev="overlay" ino=51 res=0 errno=0 [ 54.680618][ T6103] evm: overlay not supported [ 54.750899][ T6105] Zero length message leads to an empty skb [ 54.798879][ T5965] Bluetooth: hci1: command tx timeout [ 54.798884][ T5952] Bluetooth: hci0: command 0x040f tx timeout [ 54.799495][ T5950] Bluetooth: hci3: command tx timeout [ 54.799883][ T5952] Bluetooth: hci2: command tx timeout [ 55.378603][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 55.398988][ T0] NOHZ tick-stop error: local softirq work is pending, handler #3ca!!! [ 55.411980][ T0] NOHZ tick-stop error: local softirq work is pending, handler #248!!! [ 55.513643][ T6113] netlink: 4 bytes leftover after parsing attributes in process `syz.1.26'. [ 55.707780][ T6120] netlink: 132 bytes leftover after parsing attributes in process `syz.0.28'. [ 55.711563][ T6120] openvswitch: netlink: Flow key attr not present in new flow. [ 56.697401][ T6132] ======================================================= [ 56.697401][ T6132] WARNING: The mand mount option has been deprecated and [ 56.697401][ T6132] and is ignored by this kernel. Remove the mand [ 56.697401][ T6132] option from the mount to silence this warning. [ 56.697401][ T6132] ======================================================= [ 56.889323][ T5962] Bluetooth: hci0: command 0x040f tx timeout [ 56.992306][ T6132] /dev/sr0: Can't open blockdev [ 57.753604][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 57.966310][ T6149] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0 [ 57.983652][ T40] audit: type=1800 audit(1739498564.217:3): pid=6149 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.35" name="bus" dev="tmpfs" ino=71 res=0 errno=0 [ 58.159991][ T6157] netlink: 132 bytes leftover after parsing attributes in process `syz.3.38'. [ 58.163930][ T6157] openvswitch: netlink: Flow key attr not present in new flow. [ 58.470555][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 58.959323][ T5962] Bluetooth: hci0: command 0x040f tx timeout [ 60.726658][ T6201] netlink: 132 bytes leftover after parsing attributes in process `syz.3.46'. [ 60.730279][ T6201] openvswitch: netlink: Flow key attr not present in new flow. [ 60.748620][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 62.151522][ T6222] syzkaller0: entered promiscuous mode [ 62.153190][ T6222] syzkaller0: entered allmulticast mode [ 62.464110][ T5950] Bluetooth: hci1: unexpected event 0x03 length: 17 > 11 [ 62.486130][ T6233] usb usb1: usbfs: interface 0 claimed by hub while 'syz.1.51' sets config #1 [ 62.491434][ T6233] usb usb1: usbfs: process 6233 (syz.1.51) did not claim interface 0 before use [ 63.264267][ T6246] FAULT_INJECTION: forcing a failure. [ 63.264267][ T6246] name failslab, interval 1, probability 0, space 0, times 1 [ 63.269227][ T6246] CPU: 3 UID: 0 PID: 6246 Comm: syz.1.56 Not tainted 6.14.0-rc2-syzkaller-00056-gab68d7eb7b1a #0 [ 63.269249][ T6246] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 63.269258][ T6246] Call Trace: [ 63.269263][ T6246] [ 63.269269][ T6246] dump_stack_lvl+0x16c/0x1f0 [ 63.269297][ T6246] should_fail_ex+0x50a/0x650 [ 63.269315][ T6246] ? fs_reclaim_acquire+0xae/0x150 [ 63.269340][ T6246] should_failslab+0xc2/0x120 [ 63.269359][ T6246] kmem_cache_alloc_noprof+0x6e/0x3b0 [ 63.269375][ T6246] ? getname_flags.part.0+0x4c/0x550 [ 63.269396][ T6246] ? vfs_write+0x306/0x1150 [ 63.269412][ T6246] getname_flags.part.0+0x4c/0x550 [ 63.269433][ T6246] getname+0x8d/0xe0 [ 63.269445][ T6246] do_sys_openat2+0x104/0x1e0 [ 63.269463][ T6246] ? __pfx_do_sys_openat2+0x10/0x10 [ 63.269483][ T6246] ? __fget_files+0x206/0x3a0 [ 63.269501][ T6246] __ia32_compat_sys_openat+0x16e/0x210 [ 63.269521][ T6246] ? __pfx___ia32_compat_sys_openat+0x10/0x10 [ 63.269540][ T6246] ? ksys_write+0x1ba/0x250 [ 63.269559][ T6246] __do_fast_syscall_32+0x73/0x120 [ 63.269574][ T6246] do_fast_syscall_32+0x32/0x80 [ 63.269604][ T6246] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 63.269629][ T6246] RIP: 0023:0xf7f26579 [ 63.269642][ T6246] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 63.269654][ T6246] RSP: 002b:00000000f504655c EFLAGS: 00000296 ORIG_RAX: 0000000000000127 [ 63.269669][ T6246] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800002c0 [ 63.269678][ T6246] RDX: 000000000000c901 RSI: 0000000000000000 RDI: 0000000000000000 [ 63.269687][ T6246] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 63.269695][ T6246] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 63.269703][ T6246] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 63.269721][ T6246] [ 63.386742][ T6249] netlink: 132 bytes leftover after parsing attributes in process `syz.1.57'. [ 63.390439][ T6249] openvswitch: netlink: Flow key attr not present in new flow. [ 63.851528][ T6253] syz.3.58: attempt to access beyond end of device [ 63.851528][ T6253] nbd3: rw=0, sector=2, nr_sectors = 2 limit=0 [ 63.856236][ T6253] syz.3.58: attempt to access beyond end of device [ 63.856236][ T6253] nbd3: rw=0, sector=16, nr_sectors = 2 limit=0 [ 63.970274][ T6253] tmpfs: Bad value for 'mpol' [ 64.050679][ T6254] block nbd3: shutting down sockets [ 64.139205][ T5950] Bluetooth: hci3: unexpected event 0x03 length: 17 > 11 [ 64.141663][ T6259] netlink: 'syz.1.60': attribute type 9 has an invalid length. [ 64.145882][ T6259] netlink: 209852 bytes leftover after parsing attributes in process `syz.1.60'. [ 64.272838][ T6262] sd 0:0:0:0: ioctl_internal_command: ILLEGAL REQUEST asc=0x24 ascq=0x0 [ 64.292989][ T40] audit: type=1800 audit(1739498570.536:4): pid=6262 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.61" name="bus" dev="tmpfs" ino=113 res=0 errno=0 [ 64.328617][ T5950] Bluetooth: hci0: command 0x040f tx timeout [ 64.328628][ T5962] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 64.937868][ T6281] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 65.243001][ T6291] netlink: 132 bytes leftover after parsing attributes in process `syz.0.69'. [ 65.246601][ T6291] openvswitch: netlink: Flow key attr not present in new flow. [ 65.267671][ T5853] kernel read not supported for file /sequencer2 (pid: 5853 comm: kworker/2:3) [ 65.548743][ T5962] Bluetooth: hci0: unexpected event 0x03 length: 17 > 11 [ 66.442361][ T6311] netlink: 12 bytes leftover after parsing attributes in process `syz.0.73'. [ 66.675063][ T5962] Bluetooth: hci1: unexpected event 0x03 length: 17 > 11 [ 66.683262][ T6318] netlink: 'syz.0.74': attribute type 9 has an invalid length. [ 66.686961][ T6318] netlink: 209852 bytes leftover after parsing attributes in process `syz.0.74'. [ 67.518882][ T5950] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 67.610937][ T5950] Bluetooth: hci0: command 0x040f tx timeout [ 67.787517][ T6338] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.214318][ T6357] FAULT_INJECTION: forcing a failure. [ 68.214318][ T6357] name failslab, interval 1, probability 0, space 0, times 0 [ 68.216718][ T6351] Bluetooth: hci4: Frame reassembly failed (-84) [ 68.217863][ T6357] CPU: 1 UID: 0 PID: 6357 Comm: syz.0.84 Not tainted 6.14.0-rc2-syzkaller-00056-gab68d7eb7b1a #0 [ 68.217886][ T6357] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 68.217893][ T6357] Call Trace: [ 68.217897][ T6357] [ 68.217901][ T6357] dump_stack_lvl+0x16c/0x1f0 [ 68.217921][ T6357] should_fail_ex+0x50a/0x650 [ 68.217934][ T6357] ? fs_reclaim_acquire+0xae/0x150 [ 68.217951][ T6357] should_failslab+0xc2/0x120 [ 68.217965][ T6357] __kmalloc_noprof+0xce/0x4f0 [ 68.217976][ T6357] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 68.217989][ T6357] ? tomoyo_realpath_from_path+0xbf/0x710 [ 68.218004][ T6357] tomoyo_realpath_from_path+0xbf/0x710 [ 68.218017][ T6357] ? tomoyo_path_number_perm+0x235/0x5b0 [ 68.218028][ T6357] tomoyo_path_number_perm+0x248/0x5b0 [ 68.218038][ T6357] ? tomoyo_path_number_perm+0x235/0x5b0 [ 68.218049][ T6357] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 68.218072][ T6357] ? __pfx_lock_release+0x10/0x10 [ 68.218083][ T6357] ? trace_lock_acquire+0x14e/0x1f0 [ 68.218092][ T6357] ? __pfx___schedule+0x10/0x10 [ 68.218106][ T6357] ? lock_acquire+0x2f/0xb0 [ 68.218116][ T6357] ? __fget_files+0x40/0x3a0 [ 68.218129][ T6357] ? __fget_files+0x206/0x3a0 [ 68.218140][ T6357] security_file_ioctl_compat+0x9b/0x240 [ 68.218153][ T6357] __do_compat_sys_ioctl+0x4e/0x2c0 [ 68.218170][ T6357] __do_fast_syscall_32+0x73/0x120 [ 68.218180][ T6357] do_fast_syscall_32+0x32/0x80 [ 68.218189][ T6357] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 68.218205][ T6357] RIP: 0023:0xf73ae579 [ 68.218213][ T6357] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 68.218222][ T6357] RSP: 002b:00000000f4ff455c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 68.218231][ T6357] RAX: ffffffffffffffda RBX: 0000000000000008 RCX: 00000000400455c8 [ 68.218237][ T6357] RDX: 0000000000000009 RSI: 0000000000000000 RDI: 0000000000000000 [ 68.218242][ T6357] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 68.218247][ T6357] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 68.218252][ T6357] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 68.218263][ T6357] [ 68.218285][ T6357] ERROR: Out of memory at tomoyo_realpath_from_path. [ 68.247292][ T74] Bluetooth: hci4: Frame reassembly failed (-84) [ 68.253171][ T6357] Bluetooth: hci5: Frame reassembly failed (-84) [ 68.256424][ T74] Bluetooth: hci4: Frame reassembly failed (-84) [ 68.276846][ T64] Bluetooth: hci5: Frame reassembly failed (-84) [ 68.771687][ T6372] CIFS: No dialect specified on mount. Default has changed to a more secure dialect, SMB2.1 or later (e.g. SMB3.1.1), from CIFS (SMB1). To use the less secure SMB1 dialect to access old servers which do not support SMB3.1.1 (or even SMB3 or SMB2.1) specify vers=1.0 on mount. [ 68.779709][ T6372] CIFS mount error: No usable UNC path provided in device string! [ 68.779709][ T6372] [ 68.782822][ T6372] CIFS: VFS: CIFS mount error: No usable UNC path provided in device string! [ 70.239861][ T5965] Bluetooth: hci4: command 0xfc11 tx timeout [ 70.239963][ T5950] Bluetooth: hci4: Entering manufacturer mode failed (-110) [ 70.319304][ T5962] Bluetooth: hci5: Entering manufacturer mode failed (-110) [ 70.319340][ T5950] Bluetooth: hci5: command 0xfc11 tx timeout [ 70.554441][ T6379] page: refcount:3 mapcount:1 mapping:ffff88804ffacb78 index:0x60 pfn:0x6de28 [ 70.558263][ T6379] memcg:ffff888069f9e000 [ 70.559891][ T6379] aops:shmem_aops ino:40e [ 70.561528][ T6379] flags: 0x4fff6800002002d(locked|referenced|uptodate|lru|swapbacked|node=1|zone=1|lastcpupid=0x7ff) [ 70.565591][ T6379] raw: 04fff6800002002d ffffea00014a24c8 ffffea0001b78a48 ffff88804ffacb78 [ 70.568415][ T6379] raw: 0000000000000060 0000000000000000 0000000300000000 ffff888069f9e000 [ 70.570966][ T6379] page dumped because: VM_BUG_ON_FOLIO(folio_mapped(folio)) [ 70.573135][ T6379] page_owner tracks the page as allocated [ 70.575508][ T6379] page last allocated via order 0, migratetype Movable, gfp_mask 0x140cca(GFP_HIGHUSER_MOVABLE|__GFP_COMP), pid 6376, tgid 6375 (syz.2.89), ts 69708282543, free_ts 68644395522 [ 70.580198][ T6379] post_alloc_hook+0x181/0x1b0 [ 70.581551][ T6379] get_page_from_freelist+0xfce/0x2f80 [ 70.583072][ T6379] __alloc_frozen_pages_noprof+0x221/0x2470 [ 70.584870][ T6379] alloc_pages_mpol+0x1fc/0x540 [ 70.586245][ T6379] folio_alloc_mpol_noprof+0x36/0x2f0 [ 70.587780][ T6379] shmem_alloc_folio+0x135/0x160 [ 70.589183][ T6379] shmem_alloc_and_add_folio+0x48e/0xc10 [ 70.590761][ T6379] shmem_get_folio_gfp+0x689/0x1530 [ 70.592296][ T6379] shmem_fault+0x200/0xae0 [ 70.593559][ T6379] __do_fault+0x10a/0x490 [ 70.594795][ T6379] do_pte_missing+0xecf/0x3e10 [ 70.596148][ T6379] __handle_mm_fault+0x1166/0x2c60 [ 70.597583][ T6379] handle_mm_fault+0x3fa/0xaa0 [ 70.598948][ T6379] __get_user_pages+0x773/0x36f0 [ 70.600338][ T6379] populate_vma_page_range+0x27f/0x3a0 [ 70.602042][ T6379] __mm_populate+0x1d6/0x380 [ 70.603350][ T6379] page last free pid 6355 tgid 6341 stack trace: [ 70.605105][ T6379] free_unref_folios+0xa7b/0x1500 [ 70.606523][ T6379] folios_put_refs+0x587/0x7b0 [ 70.607877][ T6379] shmem_undo_range+0x586/0x1170 [ 70.609277][ T6379] shmem_evict_inode+0x3a3/0xba0 [ 70.610672][ T6379] evict+0x409/0x960 [ 70.611835][ T6379] iput+0x52a/0x890 [ 70.612929][ T6379] dentry_unlink_inode+0x29c/0x480 [ 70.614369][ T6379] __dentry_kill+0x1d0/0x600 [ 70.615684][ T6379] dput.part.0+0x4b1/0x9b0 [ 70.616946][ T6379] dput+0x1f/0x30 [ 70.617984][ T6379] __fput+0x51c/0xb70 [ 70.619128][ T6379] task_work_run+0x14e/0x250 [ 70.620427][ T6379] do_exit+0xad8/0x2d70 [ 70.622012][ T6379] do_group_exit+0xd3/0x2a0 [ 70.623315][ T6379] get_signal+0x2576/0x2610 [ 70.624604][ T6379] arch_do_signal_or_restart+0x90/0x7e0 [ 70.626310][ T6379] ------------[ cut here ]------------ [ 70.627867][ T6379] kernel BUG at mm/filemap.c:154! [ 70.629339][ T6379] Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI [ 70.632469][ T6379] CPU: 1 UID: 0 PID: 6379 Comm: syz.2.89 Not tainted 6.14.0-rc2-syzkaller-00056-gab68d7eb7b1a #0 [ 70.636024][ T6379] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.639019][ T6379] RIP: 0010:filemap_unaccount_folio+0xef/0x860 [ 70.640665][ T6379] Code: b7 2b ca ff 4c 8d 6b 30 31 ff 89 ee e8 aa 26 ca ff 85 ed 7e 17 e8 a1 2b ca ff 48 c7 c6 a0 79 78 8b 48 89 df e8 d2 71 11 00 90 <0f> 0b e8 8a 2b ca ff 4c 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 [ 70.646240][ T6379] RSP: 0018:ffffc9000da5f3a0 EFLAGS: 00010093 [ 70.647951][ T6379] RAX: 0000000000000000 RBX: ffffea0001b78a00 RCX: ffffc9000da5f248 [ 70.650150][ T6379] RDX: ffff888022c94880 RSI: ffffffff81eec2fe RDI: ffff888022c94cc4 [ 70.652409][ T6379] RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff20bfd42 [ 70.654616][ T6379] R10: ffffffff905fea17 R11: 0000000000000003 R12: ffff88804ffacb78 [ 70.656826][ T6379] R13: ffffea0001b78a30 R14: 0000000000000000 R15: ffffc9000da5f620 [ 70.659028][ T6379] FS: 0000000000000000(0000) GS:ffff88802b500000(0000) knlGS:0000000000000000 [ 70.661491][ T6379] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 70.663550][ T6379] CR2: 000000008001e000 CR3: 000000000df80000 CR4: 0000000000352ef0 [ 70.665781][ T6379] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 70.668017][ T6379] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 70.670211][ T6379] Call Trace: [ 70.671200][ T6379] [ 70.672085][ T6379] ? die+0x31/0x80 [ 70.673133][ T6379] ? do_trap+0x232/0x430 [ 70.674326][ T6379] ? filemap_unaccount_folio+0xef/0x860 [ 70.675884][ T6379] ? filemap_unaccount_folio+0xef/0x860 [ 70.677433][ T6379] ? do_error_trap+0xf4/0x230 [ 70.678881][ T6379] ? filemap_unaccount_folio+0xef/0x860 [ 70.680430][ T6379] ? handle_invalid_op+0x34/0x40 [ 70.681833][ T6379] ? filemap_unaccount_folio+0xef/0x860 [ 70.683385][ T6379] ? exc_invalid_op+0x2e/0x50 [ 70.684907][ T6379] ? asm_exc_invalid_op+0x1a/0x20 [ 70.686331][ T6379] ? filemap_unaccount_folio+0xee/0x860 [ 70.687888][ T6379] ? filemap_unaccount_folio+0xef/0x860 [ 70.689433][ T6379] filemap_remove_folio+0xf1/0x250 [ 70.690878][ T6379] truncate_inode_folio+0x49/0x70 [ 70.692323][ T6379] shmem_undo_range+0x36e/0x1170 [ 70.693714][ T6379] ? __pfx_shmem_undo_range+0x10/0x10 [ 70.695240][ T6379] ? __lock_acquire+0xcc5/0x3c40 [ 70.696637][ T6379] ? mark_lock+0xb5/0xc60 [ 70.697866][ T6379] ? __pfx___lock_acquire+0x10/0x10 [ 70.699354][ T6379] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 70.700990][ T6379] ? lockdep_hardirqs_on+0x7c/0x110 [ 70.702517][ T6379] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 70.704162][ T6379] ? percpu_counter_add_batch+0x174/0x1e0 [ 70.705737][ T6379] shmem_evict_inode+0x3a3/0xba0 [ 70.707387][ T6379] ? find_held_lock+0x2d/0x110 [ 70.708751][ T6379] ? __pfx_shmem_evict_inode+0x10/0x10 [ 70.710273][ T6379] ? evict+0x3c8/0x960 [ 70.711429][ T6379] ? __pfx_lock_release+0x10/0x10 [ 70.712890][ T6379] ? lock_acquire+0x2f/0xb0 [ 70.714158][ T6379] ? __pfx_shmem_evict_inode+0x10/0x10 [ 70.715642][ T6379] evict+0x409/0x960 [ 70.716724][ T6379] ? __pfx_evict+0x10/0x10 [ 70.718035][ T6379] iput+0x52a/0x890 [ 70.719192][ T6379] ? __pfx_generic_delete_inode+0x10/0x10 [ 70.720814][ T6379] dentry_unlink_inode+0x29c/0x480 [ 70.722176][ T6379] __dentry_kill+0x1d0/0x600 [ 70.723402][ T6379] dput.part.0+0x4b1/0x9b0 [ 70.724688][ T6379] dput+0x1f/0x30 [ 70.725837][ T6379] __fput+0x51c/0xb70 [ 70.727012][ T6379] ? _raw_spin_unlock_irq+0x23/0x50 [ 70.728484][ T6379] task_work_run+0x14e/0x250 [ 70.729782][ T6379] ? __pfx_task_work_run+0x10/0x10 [ 70.731453][ T6379] ? do_raw_spin_unlock+0x172/0x230 [ 70.733044][ T6379] do_exit+0xad8/0x2d70 [ 70.734253][ T6379] ? get_signal+0x8f7/0x2610 [ 70.735621][ T6379] ? __pfx_do_exit+0x10/0x10 [ 70.736960][ T6379] ? do_raw_spin_lock+0x12d/0x2c0 [ 70.738415][ T6379] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 70.739979][ T6379] do_group_exit+0xd3/0x2a0 [ 70.741283][ T6379] get_signal+0x2576/0x2610 [ 70.742649][ T6379] ? __pfx___blk_flush_plug+0x10/0x10 [ 70.744230][ T6379] ? __pfx___up_read+0x10/0x10 [ 70.745597][ T6379] ? __pfx_get_signal+0x10/0x10 [ 70.746996][ T6379] arch_do_signal_or_restart+0x90/0x7e0 [ 70.748581][ T6379] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 70.750332][ T6379] ? __pfx_do_readv+0x10/0x10 [ 70.751714][ T6379] syscall_exit_to_user_mode+0x150/0x2a0 [ 70.753140][ T6379] __do_fast_syscall_32+0x80/0x120 [ 70.754410][ T6379] do_fast_syscall_32+0x32/0x80 [ 70.755630][ T6379] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 70.757581][ T6379] RIP: 0023:0xf73ce579 [ 70.758768][ T6379] Code: Unable to access opcode bytes at 0xf73ce54f. [ 70.760676][ T6379] RSP: 002b:00000000f501455c EFLAGS: 00000296 ORIG_RAX: 00000000000000db [ 70.763101][ T6379] RAX: 0000000000000000 RBX: 0000000080000000 RCX: 0000000000600000 [ 70.765375][ T6379] RDX: 0000000000000018 RSI: 0000000000000000 RDI: 0000000000000000 [ 70.767647][ T6379] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 70.769893][ T6379] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 70.772256][ T6379] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 70.774523][ T6379] [ 70.775438][ T6379] Modules linked in: [ 70.776581][ T6379] ---[ end trace 0000000000000000 ]--- [ 70.778142][ T6379] RIP: 0010:filemap_unaccount_folio+0xef/0x860 [ 70.779929][ T6379] Code: b7 2b ca ff 4c 8d 6b 30 31 ff 89 ee e8 aa 26 ca ff 85 ed 7e 17 e8 a1 2b ca ff 48 c7 c6 a0 79 78 8b 48 89 df e8 d2 71 11 00 90 <0f> 0b e8 8a 2b ca ff 4c 89 ea 48 b8 00 00 00 00 00 fc ff df 48 c1 [ 70.785520][ T6379] RSP: 0018:ffffc9000da5f3a0 EFLAGS: 00010093 [ 70.787262][ T6379] RAX: 0000000000000000 RBX: ffffea0001b78a00 RCX: ffffc9000da5f248 [ 70.789495][ T6379] RDX: ffff888022c94880 RSI: ffffffff81eec2fe RDI: ffff888022c94cc4 [ 70.791811][ T6379] RBP: 0000000000000001 R08: 0000000000000000 R09: fffffbfff20bfd42 [ 70.794055][ T6379] R10: ffffffff905fea17 R11: 0000000000000003 R12: ffff88804ffacb78 [ 70.796296][ T6379] R13: ffffea0001b78a30 R14: 0000000000000000 R15: ffffc9000da5f620 [ 70.798524][ T6379] FS: 0000000000000000(0000) GS:ffff88802b500000(0000) knlGS:0000000000000000 [ 70.801059][ T6379] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 70.802972][ T6379] CR2: 000000008001e000 CR3: 000000000df80000 CR4: 0000000000352ef0 [ 70.805224][ T6379] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 70.807476][ T6379] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 70.810127][ T6379] Kernel panic - not syncing: Fatal exception [ 70.812429][ T6379] Kernel Offset: disabled [ 70.813667][ T6379] Rebooting in 86400 seconds.. VM DIAGNOSIS: 02:02:57 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88802b544bc0 RCX=ffffffff81acfc1a RDX=ffff88801f1a8000 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90000a07928 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000006 R12=ffffed10056a8979 R13=0000000000000001 R14=ffff88802b43ffc0 R15=ffff88802b544bc8 RIP=ffffffff81b8ee90 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002fb0cffc CR3=000000000df80000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85388475 RDI=ffffffff9aad4e20 RBP=ffffffff9aad4de0 RSP=ffffc9000da5ed28 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6e69203a73706f4f R12=0000000000000000 R13=0000000000000020 R14=ffffffff9aad4de0 R15=0000000000000000 RIP=ffffffff8538849f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000008001e000 CR3=000000000df80000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 075b9746655ac668 04433703244dfda4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 32296f01806fe2f4 32454a2292b600fc ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1ce5bc3309bd764c 0fe37edb933692e2 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1aca4a4e45f827d9 205ebd032a798336 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000bc0 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000040 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e510e666ee308718 0000002b0000002b ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e5a9b2acf1eff272 f8857c960dddab78 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e96c774e0000002b 0000002b0000002b ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000002b00000000 f8841b9000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7857f09ad9fcc797 a78628e1c8b4e16d ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 283d94aff627a756 aa83c83ab1a5a736 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000007 RBX=ffff888049a165a0 RCX=1ffffffff20c03a2 RDX=0000000000000000 RSI=ffffffff8bd2d660 RDI=0000000000000001 RBP=0000000000000000 RSP=ffffc9000db2f410 R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff905fea17 R11=0000000000010170 R12=ffff888049a16598 R13=ffffc9000db2f480 R14=0000000000000cc0 R15=ffff88804fb779c0 RIP=ffffffff8b493d69 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000080396000 CR3=0000000071fa0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f747cff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000005898c RBX=0000000000000003 RCX=ffffffff8b46be39 RDX=ffffed10056e6f86 RSI=ffffffff8bd2d660 RDI=ffffffff818ffe49 RBP=ffffed1003ad1488 RSP=ffffc9000049fe08 R8 =0000000000000000 R9 =ffffed10056e6f85 R10=ffff88802b737c2b R11=0000000000000001 R12=0000000000000003 R13=ffff88801d68a440 R14=ffffffff905fea10 R15=0000000000000000 RIP=ffffffff8b46d21f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000804c7000 CR3=0000000073082000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000