last executing test programs: 3.943426324s ago: executing program 1 (id=125): prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000340)=ANY=[@ANYRES64=r0, @ANYRES8=r0], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r4, 0xc0045006, 0x0) read$FUSE(r4, &(0x7f00000009c0)={0x2020}, 0x2020) mkdir(&(0x7f0000000400)='./file0\x00', 0x0) r5 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="6c8000001000010400000000000000", @ANYRES32=0x0, @ANYBLOB="debf0100e10000004c0012800b00010062726964676500003c000280050024000100000005002900010000000500250000000000060006000600000008001d008000000005001800010000000800050001000000"], 0x6c}}, 0x0) mount(0x0, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='tmpfs\x00', 0x0, &(0x7f00000001c0)='grpquota') r6 = syz_open_dev$sndctrl(&(0x7f0000000300), 0x1, 0x0) ioctl$SNDRV_CTL_IOCTL_ELEM_READ(r6, 0xc2c45512, 0x0) setsockopt$IPT_SO_SET_REPLACE(0xffffffffffffffff, 0x0, 0x40, &(0x7f0000000380)=@raw={'raw\x00', 0x8, 0x3, 0x2a0, 0x0, 0x11, 0x148, 0x0, 0x10, 0x20c, 0x2a8, 0x2a8, 0x20c, 0x2a8, 0xac, 0x0, {[{{@ip={@multicast2, @multicast2, 0x0, 0x0, 'veth1_vlan\x00', 'sit0\x00'}, 0x10, 0xf4, 0x13c, 0x1c, {}, [@common=@unspec=@helper={{0x44}, {0x0, 'irc-20000\x00'}}, @common=@unspec=@connlimit={{0x40}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv6=@local, 'ip6gre0\x00', {0x2}}}}, {{@uncond, 0x0, 0x70, 0xd0}, @common=@SET={0x60, 'SET\x00', 0x0, {{0xffffffffffffffff, [0x2, 0x0, 0x5, 0x7, 0x6, 0x1], 0x5, 0x3}, {0x3, [0x2, 0x2, 0x3, 0x6, 0x2, 0x3], 0x2, 0x3}}}}], {{'\x00', 0xc8, 0x70, 0x94}, {0x24}}}}, 0x2fc) r7 = socket$nl_crypto(0x10, 0x3, 0x15) sendmsg$nl_crypto(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=@get={0xe0, 0x13, 0x0, 0x0, 0x0, {{'streebog512-generic\x00'}}}, 0xe0}}, 0x0) sendmsg$nl_crypto(r7, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000200)=ANY=[@ANYBLOB="f0000000120003"], 0xf0}}, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000c40)=ANY=[@ANYBLOB="0180c200000050a245d5cde086dd4500001c000000000002907800000000ffffffff1cff49dc958bb45948a35779ee2fb59812"], 0x0) socket$unix(0x1, 0x5, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x70bd2a, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xfffffff9, 0x11e41e7a, 0x3, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x2}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0xffffffffffffffff, 0x4}, 0x1}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x4}, 0x40004) 3.222757826s ago: executing program 2 (id=130): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x3, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x10000, 0x0, 0x4, 0xefffffff, 0x0, [{0x2, 0x8, 0xfc, '\x00', 0x3}, {0x4, 0x9, 0xfc, '\x00', 0x7c}, {0xfc, 0x12, 0x4, '\x00', 0x1}, {0x11, 0xb, 0x0, '\x00', 0xea}, {}, {0xfe, 0x0, 0x1, '\x00', 0x2}, {0x1f, 0x1, 0x2}, {0xfd, 0x0, 0x7, '\x00', 0x2}, {0x0, 0xf, 0xf7, '\x00', 0xfc}, {0xa8, 0x6, 0x0, '\x00', 0x11}, {0xb}, {0x9, 0x9, 0x42, '\x00', 0xff}, {0x0, 0x0, 0x2, '\x00', 0x1}, {0x2, 0x0, 0x6}, {0xff, 0x9, 0x0, '\x00', 0x49}, {0x1, 0x1, 0x80}, {0x3, 0x0, 0x0, '\x00', 0x84}, {0x2, 0x2, 0x6, '\x00', 0x10}, {0x48, 0x4, 0xd, '\x00', 0xfd}, {0x8, 0xc0, 0x3}, {0x4, 0x12, 0x3, '\x00', 0x25}, {0xfd, 0x9, 0x0, '\x00', 0x5}, {0x2, 0x2, 0x9}, {0x9, 0xff, 0x3, '\x00', 0x7}]}}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DISCONNECT(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="01002cbd701cfe9ffa651300000008fe0003", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, 0x0, 0x800) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), 0xffffffffffffffff) r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0) write$nbd(r6, &(0x7f00000003c0)=ANY=[@ANYBLOB="0100"], 0x40) sendmsg$NL80211_CMD_NEW_STATION(r6, 0x0, 0x40801) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7078, 0x1000, 0x400007, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x0, 0x0, 0x0, 0x0, 0x23457, 0x0, 0x0, 0x1}) io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}]}, 0x50}}, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0xc, &(0x7f00000004c0)=0xa, 0x0, 0x4) r11 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000009c0)=ANY=[@ANYBLOB="1c0000000406010100000000000000000000000005000100070000000e90f2308f36cbfdfa7523f9b037a31ba5656f9836866837eae2c90372b8d07ee36312e866bd2e0c29488c6dcfc30c9e84fd9b40e6480d44e753a443ed568095000342a443f55e2b2289a6df7f2967dd17a3b8622e0b760466b297dd901601f7ef9e95d28f4ae819949dfdae6aa7d493c4b6cc3604cb9e2409f2b2d9777382b0fb635efd2c625879578b939578c6c865f16a5f8446ebd7096c3300"/196], 0x1c}}, 0x0) syz_clone(0x80, &(0x7f0000000200)="13979d3dd4ac0b402d3bcd2a17aca43997e5ec0796649172888966badeb2524614b33d77367c1b625a42c25948e600d11ec582e4409f90f57d2641803661298efe756e9036dbbabec728c19247799bb5f9aa0570492da341fb465c8ec4c566fa6729fbe60fc75b4a725cf037c043a24fcbb70855cf37d3aacd1093ad75918a78464f517d85183238be9d2acf254ca5f130d0199b81022d5ecac5252cc3d828ed5fe41a98c564f0c8bb68561e6ae9c6c6f1a728aed1d6aceadd90c315d656b3bfab063ad5beb5d83d3d97f99586a4627967f0", 0xd2, 0x0, &(0x7f0000000040), 0x0) r12 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r12, 0x0, 0x80, &(0x7f0000000080)=@filter={'filter\x00', 0xe, 0x1, 0x1ae, [0x0, 0x80000200, 0x80000230, 0x8000037e], 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000005000000080000000a0077673200000000000000000000000000776731000000000000000000000000006272696467655f736c6176655f30000069703664727370616e3000000000000000000000000000ffff800000aaaaaaaaaa1800ff0000ffffda000000da0000001e0100007261746565737400000000000000000000000000000000000000000000000000480000006970366772653000000000000000000064766d72703100000000000000000000100000007f00000000000001060000000b00000000000000010000000000000000000000000000004552524f52000000000000000000000000000000000000000000000000000000200000006d1f8e0f081460aae8eb3ce4645ae18d72b7ac9d7ff58d770b2d91e9d0fd000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff00000000"]}, 0x1fe) 3.029558531s ago: executing program 2 (id=131): r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x4480, 0x0) ioctl$TIOCSETD(r0, 0x5423, &(0x7f0000000040)=0x1) r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x2) mmap(&(0x7f0000000000/0x400000)=nil, 0x400000, 0x1000002, 0x11012, r1, 0x0) syz_clone(0x11, 0x0, 0x0, 0x0, 0x0, 0x0) openat2$dir(0xffffff9c, &(0x7f0000000240)='./file0\x00', &(0x7f0000000280)={0x40000}, 0x18) openat$vnet(0xffffff9c, &(0x7f0000000300), 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) r2 = openat$fuse(0xffffffffffffff9c, &(0x7f0000002080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000042c0)='./file0\x00', &(0x7f0000002100), 0x0, &(0x7f0000000000)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r2, @ANYBLOB=',rootmode=00000000000000000040000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) chmod(&(0x7f0000000080)='./file0\x00', 0x10d) read$FUSE(r2, &(0x7f0000002140)={0x2020, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r2, &(0x7f0000004200)={0x50, 0x0, r3, {0x7, 0x21, 0xffffffff, 0x7123c298, 0x2, 0x6, 0x4, 0x0, 0x0, 0x0, 0x40, 0x8}}, 0x50) 2.793065452s ago: executing program 1 (id=132): mkdir(&(0x7f0000000300)='./bus\x00', 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_open_dev$dri(&(0x7f00000000c0), 0x1ff, 0x529002) msgctl$IPC_RMID(0x0, 0x300) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x3) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4040aea0, &(0x7f0000000000)=@x86={0x7, 0x9, 0x0, 0x0, 0xcf, 0x4, 0xa, 0x0, 0x9, 0x37, 0xa, 0x2, 0x0, 0x0, 0x7, 0x8, 0xef, 0x3, 0x1d, '\x00', 0x9}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r3 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r4 = dup(r3) write$6lowpan_enable(r4, &(0x7f0000000000)='0', 0xfffffd2c) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) setsockopt$inet_tcp_int(r5, 0x6, 0x3, &(0x7f00000001c0)=0x1, 0x4) bind$inet(r5, &(0x7f0000000200)={0x2, 0x4e24, @multicast2}, 0x10) sendmmsg$inet(r5, &(0x7f0000002f00)=[{{&(0x7f0000000000)={0x2, 0x4e24, @local}, 0x10, &(0x7f0000000600)=[{&(0x7f0000000040)="86", 0x1}], 0x1}}], 0x1, 0x20004000) r6 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$MPTCP_PM_CMD_DEL_ADDR(0xffffffffffffffff, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB='4\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="07000000400081001fff02000000200001801400040000000000000000000000ffffac1414aa060001000a"], 0x34}, 0x1, 0x0, 0x0, 0x8081}, 0x24000800) syz_io_uring_setup(0x238, 0x0, &(0x7f0000000080)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r7, r8, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000300)="d800000018008111e00212ba0d8105040a020000030f000b067c55a1bc000900b8000699030000000500160002008178a8001500090001400200000901ac040000d67f6f94007100a007a290457f0189b316277ce06bbace8017cbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe04000000730d7a5025ccca262f3d40fad95667e04adcdf634c1f215ce3bb9ad809d5e1cace81ed0b7fece0b42a9ecbee5de6ccd40dd6e4edef3d93452a92307f27260e970300000000000000000000000000000000000000008dc5fb510162", 0xd8}], 0x1}, 0x0) 2.315087186s ago: executing program 1 (id=137): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1) fsconfig$FSCONFIG_CMD_CREATE(r0, 0x6, 0x0, 0x0, 0x0) fchdir(0xffffffffffffffff) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) acct(&(0x7f0000000140)='./file0\x00') 2.222931625s ago: executing program 1 (id=138): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket(0x1d, 0x2, 0x6) ioctl$ifreq_SIOCGIFINDEX_vcan(r1, 0x8933, &(0x7f0000000000)={'vcan0\x00'}) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) ioctl$KVM_SET_MSRS(r4, 0x4008ae89, &(0x7f0000000000)=ANY=[@ANYBLOB="010000000000000002000040"]) r5 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(0x0, r5) socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x800, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x0, 0xffffffff}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r6 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r7, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r8, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r6, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r7, &(0x7f00000000c0), 0x10106, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r9 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="30000000100001000000ce6bb9092919507f3400", @ANYRES32=0x0, @ANYBLOB="000000000000000408000a00", @ANYRES32=0x0, @ANYBLOB="08001b"], 0x30}}, 0x0) recvmmsg(0xffffffffffffffff, &(0x7f0000000480)=[{{0x0, 0x0, 0x0, 0x0, &(0x7f00000003c0)=""/11, 0x17}}], 0x400000000000179, 0x0, 0x0) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000e00)={&(0x7f0000000180)=ANY=[@ANYBLOB="9feb010018000000000000001800000018000000020000000000000001000003000000000000000000000000000000000000c48d7aef1040f883fb303bdbef833f7614fdeb20bc861daedbd4a3dd9fe0cd8a768b080fe9de39c7"], &(0x7f0000000d00)=""/198, 0x32, 0xc6, 0x1, 0x0, 0x0, @void, @value}, 0x20) sendmsg$nl_generic(r0, &(0x7f0000000000)={0x0, 0xe703, &(0x7f0000000440)={&(0x7f00000007c0)=ANY=[@ANYBLOB="280300002d00090027bd7000000000000400"], 0x328}}, 0x84) 2.092843271s ago: executing program 2 (id=139): r0 = creat(&(0x7f0000000300)='./file0\x00', 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) clock_gettime(0x0, &(0x7f0000002f80)={0x0, 0x0}) recvmmsg$unix(r0, &(0x7f0000002f00)=[{{&(0x7f0000000080)=@abs, 0x6e, &(0x7f0000000140)=[{&(0x7f0000000340)=""/177, 0xb1}], 0x1}}, {{&(0x7f0000000280), 0x6e, &(0x7f0000000180)=[{&(0x7f0000000400)=""/251, 0xfb}], 0x1}}, {{&(0x7f0000000500), 0x6e, &(0x7f0000002a40)=[{&(0x7f0000000580)=""/230, 0xe6}, {&(0x7f0000000680)=""/2, 0x2}, {&(0x7f00000006c0)=""/4096, 0x1000}, {&(0x7f00000016c0)=""/251, 0xfb}, {&(0x7f00000017c0)=""/24, 0x18}, {&(0x7f0000001800)=""/4096, 0x1000}, {&(0x7f0000002800)=""/78, 0x4e}, {&(0x7f0000002880)=""/173, 0xad}, {&(0x7f0000002940)=""/84, 0x54}, {&(0x7f00000029c0)=""/124, 0x7c}], 0xa}}, {{&(0x7f0000002ac0)=@abs, 0x6e, &(0x7f0000002e40)=[{&(0x7f0000002b40)}, {&(0x7f0000002b80)=""/157, 0x9d}, {&(0x7f0000002c40)=""/159, 0x9f}, {&(0x7f0000002d00)=""/173, 0xad}, {&(0x7f0000002dc0)=""/80, 0x50}], 0x5, &(0x7f0000002e80)=[@rights={{0x2c, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}, @rights={{0x18, 0x1, 0x1, [0xffffffffffffffff, 0xffffffffffffffff, 0xffffffffffffffff]}}], 0x44}}], 0x4, 0x40000000, &(0x7f0000002fc0)={r3, r4+60000000}) write$P9_RLERRORu(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1c00000007ffff"], 0x52) mount$9p_fd(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000000200)={'trans=fd,', {'rfdno', 0x3d, r1}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@version_u}]}}) 2.012931257s ago: executing program 2 (id=140): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="04000000040000000400000005"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000000e7057b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000000085"], 0x0, 0xffffffff, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x12, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00', r1}, 0x10) r2 = mq_open(&(0x7f0000000a00)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xd3\xa7\xd8J\xfd\x94#KT\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\x88N\xb8\xde\xeb)\xcd\xc56m\n\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88|0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc\x02\xea\x91\xe8\xd8\x01YZy\xe6!\x89\x9c\xd1\xa6\x167\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1[\x84\x10aF\x9b\xda\xeb\xc4*\x02q\xb2\x92\x00\x8cv\xac AN\xb9\xaa\x81W\x97Te\x81\x98L\xfe\x97+u\xd3^\xb1\xf0\xe0\x1f\xbd\a\xbb\xe5\x18\x9ds\x12ha\x00\xeb\x84\x99\xc6\x0f\xf1\xd5LD\xa87\xa0DQ\x8a2\x16!8,\xbc%$\xf1\xf2\xd6\x9cy\xecK\xda\xc5\xdc\xfa\xdd\xf6\b\xc6\xb4\x14\x16\x9c\x7f\x92\x85\xb0\xa2%:\xf0\xf4\x150\x0f\xb4\xa6d\xb4\xe4L\x19W\xd5\x90\xf7l\x1b\xfe\xde\vh\x97=m\x82.\xac\vh\xfe\x84Q}\x838/\x83\xebP\xbe\xd6+:\xceE\\\x95\xd4\xac\x92\x87\xd7\x98\x97\xe3\xec\xad\xd5\xac\x80C\x84R\x88r^g\xbaQ(\x9a>\xe2\xba\xa8=\x17\f04\x8f\x1f\xf2\x88*@v\xe7\xd1\xee\xb3\xc2\x8dT\xda\x81g\xd9\x1a:hzW6s)x\x06\xae\x11\xf2\x1e\xcd\v\xe5L\x19\x96s\xbc\x9e\xf4\x10$\r\xa4\xd8\xa2\xa2\xfcM\xc5R3~$\xc0\xa5n\x9a W\xb1e\xcc<$\xf5#G\xce\xaf\x88U\xfa\x80\xf24\xf6\xb5\xef\xe2z\xcf\x9eN\x92\xac\x81{\xe6\xbd\xd7\x16\xe6F\xe2\x9e\x91%\x94\v\xb9\xdc\xd6\x87\x8f\xcd\xc1\xb05\x81\x81\xf8\xe9X\xe8Kt9@\xf4\xe1\xa6=\xc9\xe1:p4\nP[f\x1d\xfd\xfa\x839\x8d\x0e\xd1\xf9\xa0\xd2^E\xe5\xedo.\xaa\xf2\xb4\xcdn\x14\f\xcd\x83_yk\xda\xc5\x89\xf0Z\xea\x1d\xbd\xc00\v\xa3\xb3\xbe\xe6\x8b\x18/\xa8\xaaY\xf2\x89\x0f\x9enOOr\x00\xb2\x01\x1f:Z\xb8\xee;\xe3;\x8aPV\xce\xee\xf8[\x16\n\xe6:z\xb8\x1dvk\a{\xc1\x14\xd9+\xdb\t\x11\x90y\xe8\\\xe6\xfc\xca\xb4\xcbC\xd6\xd0\xbeC\xce\xc0L\xdb\xcd\xb3\x907c\xb4\xa6\xce\xdb[\xce\x122N\xa3\xc7Q<\x1a\xa5\xb3)\xc5\x98\x84\x8a\x82\x19\xb0\t\xac\x10\\\x8c\xbe\xcb\raIYe[\xa8\xc4\xac\x0e\xbb\x0f\b^\xdag\xe2\xa9\"\xf5h\'\xcf\xd9\x1b\xef\xe3\xe7y\x82\x1e\xca\x7f\x02 \xcf\x9e\xe0\xd9TM\xb9\n\xa9\xad3\x91\xa5\xe6!\xcd\xa2\xa4\x14\x12\xf9\xbf\xa8b\xcec:\xd7\'\f\f\x957\xc9}\r\xa6\xaa\x0f\xca\x96\xeb\x00\x00\x00\x00\x00', 0x42, 0x155, 0x0) mq_unlink(&(0x7f0000000000)='eth0\x00') close(r2) 2.012420878s ago: executing program 2 (id=142): r0 = openat$cachefiles(0xffffffffffffff9c, &(0x7f0000000040), 0x2002, 0x0) write$UHID_INPUT(r0, 0x0, 0x1) sendmmsg$inet6(r0, &(0x7f00000001c0), 0x0, 0x8001) r1 = socket$inet(0x2, 0x80001, 0x84) getsockopt$inet_sctp_SCTP_MAX_BURST(r1, 0x84, 0x14, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f0000000040)=0x8) r3 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) getsockopt$inet_sctp_SCTP_DEFAULT_SNDINFO(r3, 0x84, 0x22, &(0x7f00000000c0)={0xfff1, 0x0, 0x9, 0x5, r2}, &(0x7f0000000080)=0x10) 1.922585171s ago: executing program 0 (id=143): mkdir(&(0x7f0000000200)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000140)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000100)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) 1.922410795s ago: executing program 2 (id=144): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="1a0100005c6b4408070a64006e40010203030902240001a82300000904000002ca744d00090503034d00ff99090805", @ANYRES32], &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x1, [{0x0, 0x0}]}) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) pwritev2(r1, &(0x7f0000000980)=[{&(0x7f00000014c0)="ba", 0x1}], 0x1, 0x2, 0x101, 0x0) pipe(&(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000940)={0xffffffffffffffff, 0xffffffffffffffff}) writev(r3, &(0x7f0000000400)=[{&(0x7f0000000100)="92", 0x1}], 0x1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x0) r6 = userfaultfd(0x80801) ioctl$UFFDIO_API(r6, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r6, 0xc020aa00, &(0x7f0000000000)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x3}) ioctl$UFFDIO_WRITEPROTECT(r6, 0xc018aa06, &(0x7f0000000140)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) mbind(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x0, 0x0, 0x0, 0x2) r7 = bpf$MAP_CREATE(0x0, &(0x7f0000000140)=@base={0xb, 0x13, 0x200cc, 0x6, 0x5, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000200), &(0x7f0000000240), 0x4af, r7}, 0x38) pipe(&(0x7f0000000380)={0xffffffffffffffff, 0xffffffffffffffff}) splice(r5, 0x0, r8, 0x0, 0xf3a, 0x0) splice(r2, 0x0, r8, 0x0, 0x1, 0x4) write(r4, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 1.852752667s ago: executing program 0 (id=145): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fbdbdf25340000000800", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x200040d0}, 0x800) 1.683056399s ago: executing program 0 (id=146): socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) r0 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r0, 0x84, 0x64, 0x0, 0x0) sendto$inet6(r0, &(0x7f0000000000)="b7", 0x1, 0x4000014, &(0x7f000005ffe4)={0xa, 0x4e23, 0xfffffffc, @ipv4={'\x00', '\xff\xff', @loopback}}, 0x1c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r2, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) socket$can_bcm(0x1d, 0x2, 0x2) r5 = dup(r4) write$UHID_INPUT(r5, &(0x7f0000001040)={0xf, {"a2e3ad21ed0d1bf91b4d090955f70e06d038e7ff7fc6e5539b0d3f0e8b089b3f35076e090890e0878f0e1ac6e7049b3346959b669a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31070d07580936cd3b78130daa61d8e8040018005802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15ffffffffffffffff1243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce7cd9f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d4ac01b75d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f423500c7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40427db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afa2d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02daee67918e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7340002000000000000f288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4108b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9cc8036cbd65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c6b00000000000000f96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f90000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400", 0x1000}}, 0x96d) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x0) madvise(&(0x7f0000bc0000/0x400000)=nil, 0x400000, 0x9) r6 = openat$ipvs(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/net/ipv4/vs/sync_threshold\x00', 0x2, 0x0) r7 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000140)='/proc/diskstats\x00', 0x0, 0x0) sendfile(r6, r7, 0x0, 0x106f) 993.592242ms ago: executing program 1 (id=148): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x3, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x200) ioctl$KVM_SET_LAPIC(r2, 0x4400ae8f, &(0x7f0000000380)={"f9bef8d1aaeadafa287efdb9450ae3e2d260489591c42ab93a0c7bca18e9a19fa8e6cd61e9f62f91123f1311f81f85b4044554cb6e3ca1b6d1fc011bd71bdda82f37ccfa5b87dd5dcd311dbbb67f240dc02c53b7eabf3651660ce801e3878538da8bb24e1dbc480dae36207bf6b7b946c7a8ec08468f9a75ec797b8c11807655272833a7c70ccfc9a8259e7a148eca4d16b6ff519973a20b65f91a7261cdd2440a5a0566d843fa334b0280f0aacc3b417322b9b56098dd842c44139da4bd1e2212a40ba043bd72b995b172b26b71d434e9f3bf74b4ed480b264e0e9d6f628732534db36bfb92ee6419fb244db44abf0cd9357755ce9c4c9a584e5eb89ffd10c8a6c3c6115265f25f798570751917cd7cfc2ca71729e268c3b30c05b3dfdb18cbbfd3036a889f5fefb0f9d56bf970bdbf2524f8e435b721c809e73a5fdafbf1594088ad1974908bf5fc752d564c1a4989a7d1e59564567d9b437442c5c1cfec93526395d18b1ecb18dedd713ced403a00a2cd27b2dc857808287ea88157b3c19075eb33f7cc60a6161a88ad37fb04d0ce0fda24176406391a5ac521299143bdf59a474a17272105e55e9870cec2942a6705993e821e54441c877a64450e739b1321ad17e1ed552e65654bbfcc8ebd1d64fc4e888609a90410f780fe5031c27737f2de05a7ddf00129eb746a2e990438d9bf6a3211779707d615d79111b3fe71c26433482306ce7563c11cdf6f8da283ae147311465af80ba5350e6d65438cd5a20ec155d78227e5336d504f8f1145f4b942180f7ba6e5c9a070d4e31289d4845229780e53713090e782a75b32729c10da28c1f2702dad57a37416fc138040064347a0a290803f51a619402d88d0a4b2bef39bf92696b6d7052459a78a258edfe2e66f2e10a80b168b483c90a1a1dd67c6d6c9b7a2336d1678131ca38552d9acff05dcd57f9f4164064b7781d8a8b5507e21edfe35d65d726bf24799535648cd04f3b7e85c3f6762f353a8f65afdc7ba63bc0eb65d7188cb1adee1d8d14c0413458d2ff65093d972ac3696fa12defc0f8dedf2309e1b80fc672205e6ccfc6b494233c4d00b5471cb52d896c73cddee40e5e51ee8a9bbe453a1a7d5b9832cacc5965220145504ccb2a157a7c1d9d718c0bf96cd350ac5ca330c827bedbff299774707f5840a0d954ae39c9421975d48e05d87a1ceddefbecae936e15ffb308364b69eefd345d6200cd128e48c162a4ebd026fefb7cc73e80204b21ff30d63e8707292f60682c6f6a587fff9c5a0fae24e0406df5363c7c9d31f72829b6a9d9237a84e83e22c33bf6313ee4072f09f9c6254d0eb7239d51cdda77b8e3d42a89449a3e1b6be8953a27651486383879490486fd11b6ac4e1b86f8a71fc294e0ebf572f4ef00582be189ee5a38c18d4d51cd3221fb1475a56cdf3cc7258bf8c559bf1a9"}) ioctl$KVM_SET_IRQCHIP(r1, 0x8208ae63, &(0x7f0000000780)={0x2, 0x0, @ioapic={0x10000, 0x0, 0x4, 0xefffffff, 0x0, [{0x2, 0x8, 0xfc, '\x00', 0x3}, {0x4, 0x9, 0xfc, '\x00', 0x7c}, {0xfc, 0x12, 0x4, '\x00', 0x1}, {0x11, 0xb, 0x0, '\x00', 0xea}, {}, {0xfe, 0x0, 0x1, '\x00', 0x2}, {0x1f, 0x1, 0x2}, {0xfd, 0x0, 0x7, '\x00', 0x2}, {0x0, 0xf, 0xf7, '\x00', 0xfc}, {0xa8, 0x6, 0x0, '\x00', 0x11}, {0xb}, {0x9, 0x9, 0x42, '\x00', 0xff}, {0x0, 0x0, 0x2, '\x00', 0x1}, {0x2, 0x0, 0x6}, {0xff, 0x9, 0x0, '\x00', 0x49}, {0x1, 0x1, 0x80}, {0x3, 0x0, 0x0, '\x00', 0x84}, {0x2, 0x2, 0x6, '\x00', 0x10}, {0x48, 0x4, 0xd, '\x00', 0xfd}, {0x8, 0xc0, 0x3}, {0x4, 0x12, 0x3, '\x00', 0x25}, {0xfd, 0x9, 0x0, '\x00', 0x5}, {0x2, 0x2, 0x9}, {0x9, 0xff, 0x3, '\x00', 0x7}]}}) ioctl$sock_SIOCGIFINDEX_80211(0xffffffffffffffff, 0x8933, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_DISCONNECT(r3, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000004c0)=ANY=[@ANYBLOB="1c000000", @ANYRES16=r4, @ANYBLOB="01002cbd701cfe9ffa651300000008fe0003", @ANYRES32=r5, @ANYBLOB], 0x1c}, 0x1, 0x0, 0x0, 0x10}, 0x4000000) sendmsg$NL80211_CMD_DISASSOCIATE(0xffffffffffffffff, 0x0, 0x800) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000640), 0xffffffffffffffff) r6 = openat$dlm_plock(0xffffffffffffff9c, &(0x7f0000000000), 0x41, 0x0) write$nbd(r6, &(0x7f00000003c0)=ANY=[@ANYBLOB="0100"], 0x40) sendmsg$NL80211_CMD_NEW_STATION(r6, 0x0, 0x40801) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7078, 0x1000, 0x400007, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_TIMEOUT_REMOVE={0xc, 0x0, 0x0, 0x0, 0x0, 0x23457, 0x0, 0x0, 0x1}) io_uring_enter(r7, 0x3516, 0x0, 0x0, 0x0, 0x0) r10 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r10, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}]}, 0x50}}, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0xc, &(0x7f00000004c0)=0xa, 0x0, 0x4) r11 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_FLUSH(r11, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000009c0)=ANY=[@ANYBLOB="1c0000000406010100000000000000000000000005000100070000000e90f2308f36cbfdfa7523f9b037a31ba5656f9836866837eae2c90372b8d07ee36312e866bd2e0c29488c6dcfc30c9e84fd9b40e6480d44e753a443ed568095000342a443f55e2b2289a6df7f2967dd17a3b8622e0b760466b297dd901601f7ef9e95d28f4ae819949dfdae6aa7d493c4b6cc3604cb9e2409f2b2d9777382b0fb635efd2c625879578b939578c6c865f16a5f8446ebd7096c3300"/196], 0x1c}}, 0x0) syz_clone(0x80, &(0x7f0000000200)="13979d3dd4ac0b402d3bcd2a17aca43997e5ec0796649172888966badeb2524614b33d77367c1b625a42c25948e600d11ec582e4409f90f57d2641803661298efe756e9036dbbabec728c19247799bb5f9aa0570492da341fb465c8ec4c566fa6729fbe60fc75b4a725cf037c043a24fcbb70855cf37d3aacd1093ad75918a78464f517d85183238be9d2acf254ca5f130d0199b81022d5ecac5252cc3d828ed5fe41a98c564f0c8bb68561e6ae9c6c6f1a728aed1d6aceadd90c315d656b3bfab063ad5beb5d83d3d97f99586a4627967f0", 0xd2, 0x0, &(0x7f0000000040), 0x0) r12 = socket$inet_smc(0x2b, 0x1, 0x0) setsockopt$EBT_SO_SET_ENTRIES(r12, 0x0, 0x80, &(0x7f0000000080)=@filter={'filter\x00', 0xe, 0x1, 0x1ae, [0x0, 0x80000200, 0x80000230, 0x8000037e], 0x0, 0x0, &(0x7f0000000200)=ANY=[@ANYBLOB="00000000000000000000000000000000000000000000000000000000000000000000000000000000feffffff0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ffffffff0100000005000000080000000a0077673200000000000000000000000000776731000000000000000000000000006272696467655f736c6176655f30000069703664727370616e3000000000000000000000000000ffff800000aaaaaaaaaa1800ff0000ffffda000000da0000001e0100007261746565737400000000000000000000000000000000000000000000000000480000006970366772653000000000000000000064766d72703100000000000000000000100000007f00000000000001060000000b00000000000000010000000000000000000000000000004552524f52000000000000000000000000000000000000000000000000000000200000006d1f8e0f081460aae8eb3ce4645ae18d72b7ac9d7ff58d770b2d91e9d0fd000000000000000000000000000000000000000000000000000000000000000000000000000001000000feffffff00000000"]}, 0x1fe) 844.082512ms ago: executing program 1 (id=149): socket$igmp6(0xa, 0x3, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) request_key(&(0x7f0000000040)='asymmetric\x00', &(0x7f0000001ffb)={'syz', 0x1, 0xc}, &(0x7f0000001fee)='R\x10suse\x00\x00\x00\x00\x01\x00\x00dn\x00\x00\x00', 0x0) r3 = openat$fb0(0xffffffffffffff9c, &(0x7f00000002c0), 0x0, 0x0) r4 = socket$l2tp6(0xa, 0x2, 0x73) bind$inet6(r4, &(0x7f0000000000)={0xa, 0x4e20, 0x80000000, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0xf}, 0x1c) r5 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r5, &(0x7f0000000140)={0x28, 0x0, 0x0, @my=0x1}, 0x10) r6 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x2, &(0x7f0000000800)=ANY=[@ANYBLOB="85008055000000050000009501ff9f00fe698183243c58b36fa913884ad4f44cd7139a8190ef2b3e694060585600b2b1d7cf96a513a90e8bfb8c191078e72016dd117bca0a31ca7995d055af778e555f4d893370d8fa28e7f247"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffff8000, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f00000003c0)='virtio_transport_alloc_pkt\x00', r6}, 0x10) setsockopt$SO_VM_SOCKETS_BUFFER_MIN_SIZE(0xffffffffffffffff, 0x28, 0x1, &(0x7f00000001c0)=0x8100000000000009, 0x8) ioctl$FBIOPUT_VSCREENINFO(r3, 0x4601, &(0x7f0000000380)={0x3c0, 0x78, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, {}, {}, {}, {}, 0x0, 0x0, 0x0, 0x0, 0x1, 0x4, 0x8, 0x3, 0x1ff, 0x3d, 0x5, 0x3, 0x53, 0x202, 0x1, 0xc}) r7 = bpf$PROG_LOAD(0x5, 0x0, 0x0) r8 = add_key$user(&(0x7f0000000000), &(0x7f0000000040)={'syz', 0x0}, &(0x7f00000000c0)="ff", 0x1, 0xffffffffffffffff) r9 = add_key$user(&(0x7f0000000380), &(0x7f0000000000)={'syz', 0x0}, &(0x7f0000000580)='X', 0x1, 0xfffffffffffffffe) r10 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000080)={r9, r10, r8}, 0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000280)={'sha1-generic\x00'}}) socket$nl_generic(0x10, 0x3, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x16, 0x14, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x8001, 0x0, 0x0, 0x0, 0x9}, {}, {}, [@ldst={0x3, 0x2, 0x4, 0x0, 0x7, 0xffffffffffffffe0, 0x4237ec21d2974be}, @map_idx_val={0x18, 0xb, 0x6, 0x0, 0x9, 0x0, 0x0, 0x0, 0x8}, @map_fd={0x18, 0xb, 0x1, 0x0, 0x1}], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000340)='GPL\x00', 0x415, 0x14, &(0x7f0000000440)=""/20, 0x41000, 0xd, '\x00', 0x0, @fallback=0x1f, 0xffffffffffffffff, 0x8, &(0x7f0000000640)={0x0, 0x1}, 0x8, 0x10, &(0x7f0000000680)={0x3, 0x9, 0x800, 0x1000}, 0x10, 0x0, r7, 0x1, 0x0, &(0x7f0000000700)=[{0x8, 0x2, 0xf, 0x9}], 0x10, 0x250, @void, @value}, 0x94) 710.182487ms ago: executing program 0 (id=150): openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0) (async) bind$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x4e21, @local}, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) r0 = syz_open_dev$vcsn(0x0, 0x0, 0x26642) socket$kcm(0x2, 0x5, 0x84) (async) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) (async) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) (async) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) (async) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) (async) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)) (async) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000ac0)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000007feffff720af0fff8ffffff71a4f0ff0000000061100000000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007303000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fee5bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00000000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d49030a8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e1661261173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e9fdc18cde98d662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c7bc46dd12305a1ae9dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ad1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67"], &(0x7f00000001c0)='GPL\x00', 0x9, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) (async) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_TCP_CONGESTION(r5, 0x6, 0xd, &(0x7f00000000c0)='dctcp\x00', 0x6) (async) getsockopt$inet6_tcp_buf(r5, 0x6, 0x1a, 0x0, &(0x7f00000001c0)=0xd) (async) bpf$MAP_CREATE(0x0, 0x0, 0x50) (async) getsockopt$inet6_mreq(r0, 0x29, 0x1b, &(0x7f00000003c0)={@mcast1, 0x0}, &(0x7f0000000400)=0x14) sendmsg$nl_route_sched_retired(r0, &(0x7f0000000540)={&(0x7f0000000300)={0x10, 0x0, 0x0, 0x80000}, 0xc, &(0x7f0000000500)={&(0x7f0000000440)=@newqdisc={0x24, 0x24, 0x100, 0x70bd2a, 0x25dfdbfb, {0x0, 0x0, 0x0, r6, {0x4, 0x10}, {0x6, 0xe}, {0x6}}}, 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x40010) (async) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000040)=@usbdevfs_connect) 601.327647ms ago: executing program 0 (id=151): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="b8000000190001000000000000000000dc020078000000000000000000000000ff02000000000000e26ea7250000000100000000000000000a"], 0xb8}}, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, 0x0) sendmsg$nl_xfrm(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000000)=ANY=[@ANYBLOB="650100001b"], 0x188}}, 0x0) 532.610196ms ago: executing program 0 (id=152): r0 = syz_open_procfs(0x0, &(0x7f0000000240)='mountinfo\x00') r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000380)='.\x00', &(0x7f0000000080), 0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="4bcc72dd61070bec0494f1422be64cd0e12182ae31ab5d3970e5", @ANYRESHEX=r1, @ANYBLOB=',wfdno=', @ANYRESHEX=r0, @ANYBLOB=',\x00']) socket$inet_udplite(0x2, 0x2, 0x88) socket$nl_netfilter(0x10, 0x3, 0xc) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1, 0x0, 0x25dfdbfb}, 0x14}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r2 = getpid() bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000786c6c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000002d00000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) (async) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x5, &(0x7f0000000300)=0x8) (async) sched_setscheduler(r2, 0x5, &(0x7f0000000300)=0x8) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r4, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r5, &(0x7f0000000000), 0x400000000000041, 0x0) socket$kcm(0x10, 0x2, 0x0) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) (async) sched_setaffinity(r2, 0x8, &(0x7f0000000240)=0x2) r6 = socket$kcm(0x2b, 0x1, 0x0) openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) (async) openat$null(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) sendmsg$inet(r6, &(0x7f0000000240)={&(0x7f00000000c0)={0x2, 0x4001, @remote}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x300}, 0x200048cc) setsockopt$sock_attach_bpf(r6, 0x1, 0xd, &(0x7f0000000080), 0x24) close(r6) rseq(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x6}, 0x20, 0x0, 0x0) (async) rseq(&(0x7f0000000240)={0x0, 0x0, 0x0, 0x6}, 0x20, 0x0, 0x0) request_key(&(0x7f00000002c0)='id_resolver\x00', &(0x7f0000000200)={'syz', 0x3}, &(0x7f0000000280)='syz', 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) 303.123879ms ago: executing program 3 (id=153): r0 = openat$qat_adf_ctl(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = mmap$IORING_OFF_CQ_RING(&(0x7f0000ffa000/0x4000)=nil, 0x4000, 0xd, 0x80010, 0xffffffffffffffff, 0x8000000) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x100, &(0x7f0000000040)=0x10, 0x0, 0x4) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_SET_IRQCHIP(r3, 0x4048aec9, &(0x7f0000000740)={0x2, 0x0, @ioapic={0x4000, 0x2, 0x800000, 0x100, 0x0, [{0x6, 0x3, 0x6, '\x00', 0x8}, {0x0, 0x3, 0x3}, {0x3, 0x4, 0xc}, {0x1a, 0x7, 0x7, '\x00', 0x5}, {0x4, 0x3f, 0x1, '\x00', 0x58}, {0x2, 0x1, 0x8, '\x00', 0x7}, {0x6, 0xb, 0x1, '\x00', 0x9d}, {0x2, 0xa0, 0x4, '\x00', 0x4}, {0xf7, 0x4, 0xd, '\x00', 0xec}, {0x2, 0x7, 0x1, '\x00', 0x5}, {0x6, 0xa, 0x0, '\x00', 0x9}, {0x2, 0x6, 0x8, '\x00', 0x3}, {0x26, 0x3, 0x6, '\x00', 0x9}, {0x2, 0x0, 0x7, '\x00', 0x3}, {0xc, 0x5, 0x37, '\x00', 0x4}, {0x6, 0x5, 0x5, '\x00', 0x10}, {0x5, 0x8, 0x0, '\x00', 0x5}, {0x7, 0x4, 0x3, '\x00', 0x3}, {0x8, 0x4, 0x0, '\x00', 0x81}, {0x5, 0x3, 0xfc, '\x00', 0xc6}, {0x7f, 0x9, 0x4, '\x00', 0x3}, {0x1, 0x3, 0x4, '\x00', 0xfa}, {0xbd, 0x7, 0x8, '\x00', 0x9}, {0x7d, 0xc, 0x5, '\x00', 0x7}]}}) ioctl$IOCTL_STOP_ACCEL_DEV(r0, 0x40096101, &(0x7f0000000800)={{}, 0xfe}) 168.180473ms ago: executing program 3 (id=154): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000100)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000005c0)=ANY=[@ANYBLOB='<\x00\x00\x00', @ANYRES16=r1, @ANYBLOB="010029bd7000fbdbdf25340000000800", @ANYRES32=r2], 0x3c}, 0x1, 0x0, 0x0, 0x200040d0}, 0x800) 167.8168ms ago: executing program 3 (id=155): socket$nl_netfilter(0x10, 0x3, 0xc) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = syz_open_dev$dri(&(0x7f0000000180), 0x0, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) ioctl$sock_ifreq(r1, 0x8910, &(0x7f0000000000)={'ip6gretap0\x00', @ifru_mtu=0x6}) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r2, 0x29, 0x40, &(0x7f0000000200)=@security={'security\x00', 0x44, 0x4, 0x424, 0xffffffff, 0xc8, 0x294, 0xc8, 0xffffffff, 0xffffffff, 0x35c, 0x35c, 0x35c, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@private0, @mcast1, [0x0, 0x0, 0xffffffff], [], 'nr0\x00', 'veth0_vlan\x00'}, 0x203, 0xa4, 0xc8, 0x8502}, @common=@unspec=@CONNSECMARK={0x24, 'CONNSECMARK\x00', 0x0, {0x1}}}, {{@uncond, 0x0, 0xa4, 0x1cc}, @common=@unspec=@SECMARK={0x128, 'SECMARK\x00', 0x0, {0x0, 0x0, 'system_u:object_r:modem_device_t:s0\x00'}}}, {{@uncond, 0x0, 0xa4, 0xc8}, @common=@unspec=@AUDIT={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x480) openat$rfkill(0xffffffffffffff9c, &(0x7f0000000280), 0x40900, 0x0) openat$nci(0xffffffffffffff9c, &(0x7f0000000080), 0x5400, 0x0) fsconfig$FSCONFIG_SET_STRING(0xffffffffffffffff, 0x1, &(0x7f0000000080)='iocharset', 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 63.144841ms ago: executing program 3 (id=156): r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000780)={0x6, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18020000f2ffffff0000000000000000850000001700000095"], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r0, 0x1008, 0x3c, 0x72, &(0x7f0000000040)="976d9023d56482cd284a63da539706d7009be646625bd75b025352ebe557df463106baeed6c2d75549b140f143fb8bb67bfe5b308b8d05758115c7ad", &(0x7f0000000180)=""/114, 0x0, 0x0, 0xd2, 0xc4, &(0x7f0000000400)="cf2240e6919817e49555d221b4e6c6ba11c4d974ddab2318db7b52cee499399a00be4b710e9246d7bca28cc8346eb84414e45f3f4633f4acb77bf8cc38c4c16fe035905db79cdc0be634a915662c4cac58ae94706f86ea320f339c21399b5bb7607044916c63c528ab4149718d6215a9a3749113c268e49b2b9dae91ed804e5ac5d4ec7ac9c5fd67a76f9a2b06f7304f6e81221a751008e786e1edde82cf1ecb76cb4cd71cf781ea3a19b917a1e215b1a6c7ee605b32b91eaae38517fde4303d5f2b1e63e9e52ae4b197fd72de1f71801e1f", &(0x7f0000000280)="bf049fd184f7b03c21d9bcddc4eef9ebb6a0da3eb91c56454e873dd7336ccf21a1eeb8da7adf80d6e06ef46c7f36222fadaed2103c286468b3f44adee51445bd1bedf8fcc1c0b9fdc8b3829b1bf0c9d2d409cdecb12ad033e299c029331993ae9760345bf7feb91ee96b0eee19454ad3dbce5019b68c114ff1921a9b4665744c7784ac6736101a70592d83c448a84c31ec60bb901d96ea99471d823ee523318878ee704a8d9502b566cad45587cb74ea8259c1c0a926fc09499395b2db5af40bb6f4c526", 0x0, 0x8000}, 0x4c) 63.010171ms ago: executing program 3 (id=157): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000140)={0x50, 0x2, 0x6, 0x5, 0x0, 0x0, {}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_DATA={0xc, 0x7, 0x0, 0x1, [@IPSET_ATTR_HASHSIZE={0x8}]}, @IPSET_ATTR_TYPENAME={0xc, 0x3, 'hash:ip\x00'}, @IPSET_ATTR_FAMILY={0x5, 0x5, 0xa}, @IPSET_ATTR_REVISION={0x5}]}, 0x50}}, 0x0) 0s ago: executing program 3 (id=158): r0 = fsopen(&(0x7f00000001c0)='ramfs\x00', 0x1) r1 = fsmount(r0, 0x0, 0xe) fchdir(r1) mknodat$loop(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x6004, 0x1) acct(&(0x7f0000000140)='./file0\x00') 0s ago: executing program 1 (id=159): prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000000)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0xf3a, 0x0) sendmsg$RDMA_NLDEV_CMD_RES_QP_GET(0xffffffffffffffff, 0x0, 0x48041) write$cgroup_pid(0xffffffffffffffff, 0x0, 0x0) splice(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x80080, 0x4) write$vhost_msg_v2(0xffffffffffffffff, 0x0, 0x0) madvise(&(0x7f0000ffc000/0x3000)=nil, 0x3000, 0x15) write(0xffffffffffffffff, 0x0, 0x0) shutdown(r0, 0x1) (fail_nth: 12) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:64259' (ED25519) to the list of known hosts. [ 42.938095][ T5857] cgroup: Unknown subsys name 'net' [ 43.076982][ T5857] cgroup: Unknown subsys name 'cpuset' [ 43.082389][ T5857] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 43.991062][ T5857] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 48.250147][ T5946] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 48.252621][ T5947] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 48.253321][ T5946] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 48.260160][ T5946] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 48.261143][ T5947] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 48.266276][ T5950] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 48.266468][ T5955] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 48.269656][ T5950] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 48.271774][ T5956] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 48.272334][ T5952] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 48.273042][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 48.274048][ T5950] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 48.274195][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 48.274554][ T5952] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 48.275288][ T5952] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 48.279457][ T5950] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 48.280798][ T5952] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 48.296173][ T5302] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 48.300321][ T5955] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 48.303840][ T5948] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 48.583968][ T5941] chnl_net:caif_netlink_parms(): no params data found [ 48.668540][ T5940] chnl_net:caif_netlink_parms(): no params data found [ 48.749842][ T5949] chnl_net:caif_netlink_parms(): no params data found [ 48.806999][ T5953] chnl_net:caif_netlink_parms(): no params data found [ 48.840535][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.843766][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state [ 48.846400][ T5941] bridge_slave_0: entered allmulticast mode [ 48.849008][ T5941] bridge_slave_0: entered promiscuous mode [ 48.883009][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.885417][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state [ 48.887937][ T5941] bridge_slave_1: entered allmulticast mode [ 48.890574][ T5941] bridge_slave_1: entered promiscuous mode [ 49.044319][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 49.047461][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.050056][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.052950][ T5940] bridge_slave_0: entered allmulticast mode [ 49.056599][ T5940] bridge_slave_0: entered promiscuous mode [ 49.066875][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.069243][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.071499][ T5949] bridge_slave_0: entered allmulticast mode [ 49.074187][ T5949] bridge_slave_0: entered promiscuous mode [ 49.079230][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 49.104191][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.106431][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.108664][ T5940] bridge_slave_1: entered allmulticast mode [ 49.111234][ T5940] bridge_slave_1: entered promiscuous mode [ 49.138592][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.141580][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.144847][ T5949] bridge_slave_1: entered allmulticast mode [ 49.148754][ T5949] bridge_slave_1: entered promiscuous mode [ 49.249080][ T5953] bridge0: port 1(bridge_slave_0) entered blocking state [ 49.252043][ T5953] bridge0: port 1(bridge_slave_0) entered disabled state [ 49.255287][ T5953] bridge_slave_0: entered allmulticast mode [ 49.258970][ T5953] bridge_slave_0: entered promiscuous mode [ 49.291878][ T5941] team0: Port device team_slave_0 added [ 49.295767][ T5941] team0: Port device team_slave_1 added [ 49.313934][ T5953] bridge0: port 2(bridge_slave_1) entered blocking state [ 49.316925][ T5953] bridge0: port 2(bridge_slave_1) entered disabled state [ 49.319878][ T5953] bridge_slave_1: entered allmulticast mode [ 49.323984][ T5953] bridge_slave_1: entered promiscuous mode [ 49.331219][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 49.337396][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 49.361969][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 49.432312][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 49.474485][ T5949] team0: Port device team_slave_0 added [ 49.477768][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 49.480055][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.489779][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 49.515381][ T5953] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 49.520674][ T5949] team0: Port device team_slave_1 added [ 49.525824][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 49.527986][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.535850][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 49.555543][ T5953] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 49.599970][ T5940] team0: Port device team_slave_0 added [ 49.641891][ T5953] team0: Port device team_slave_0 added [ 49.645027][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 49.647287][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.655608][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 49.661105][ T5940] team0: Port device team_slave_1 added [ 49.682735][ T5953] team0: Port device team_slave_1 added [ 49.686161][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 49.688602][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.698627][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 49.795609][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 49.798251][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.808790][ T5953] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 49.828807][ T5941] hsr_slave_0: entered promiscuous mode [ 49.831430][ T5941] hsr_slave_1: entered promiscuous mode [ 49.836492][ T5953] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 49.838745][ T5953] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.846038][ T5953] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 49.853218][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 49.856118][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.864316][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 49.923687][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 49.926584][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 49.937856][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 49.988168][ T5949] hsr_slave_0: entered promiscuous mode [ 49.990436][ T5949] hsr_slave_1: entered promiscuous mode [ 49.992472][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 50.003634][ T5949] Cannot create hsr debugfs directory [ 50.109701][ T5940] hsr_slave_0: entered promiscuous mode [ 50.112334][ T5940] hsr_slave_1: entered promiscuous mode [ 50.115412][ T5940] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 50.118461][ T5940] Cannot create hsr debugfs directory [ 50.124721][ T5953] hsr_slave_0: entered promiscuous mode [ 50.127515][ T5953] hsr_slave_1: entered promiscuous mode [ 50.129818][ T5953] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 50.132608][ T5953] Cannot create hsr debugfs directory [ 50.344051][ T5948] Bluetooth: hci3: command tx timeout [ 50.345475][ T5946] Bluetooth: hci0: command tx timeout [ 50.345566][ T5302] Bluetooth: hci2: command tx timeout [ 50.345776][ T5302] Bluetooth: hci1: command tx timeout [ 50.525296][ T5941] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 50.532968][ T5941] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 50.538295][ T5941] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 50.549836][ T5941] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 50.582685][ T5940] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 50.589079][ T5940] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 50.596407][ T5940] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 50.605608][ T5940] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 50.656844][ T5949] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 50.665301][ T5949] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 50.686269][ T5949] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 50.691971][ T5949] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 50.750076][ T5953] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 50.755675][ T5953] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 50.760482][ T5953] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 50.767545][ T5953] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 50.800049][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.819614][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.850934][ T5941] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.864339][ T5940] 8021q: adding VLAN 0 to HW filter on device team0 [ 50.868226][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.870601][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.888896][ T1187] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.891276][ T1187] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.895458][ T1187] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.898296][ T1187] bridge0: port 1(bridge_slave_0) entered forwarding state [ 50.906153][ T217] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.908531][ T217] bridge0: port 2(bridge_slave_1) entered forwarding state [ 50.927127][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.972022][ T5953] 8021q: adding VLAN 0 to HW filter on device bond0 [ 50.984765][ T5949] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.009105][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.011371][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.031450][ T5953] 8021q: adding VLAN 0 to HW filter on device team0 [ 51.035095][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.037474][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.053190][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.055593][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 51.066474][ T81] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.069036][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state [ 51.168957][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 51.186705][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 51.217282][ T5940] veth0_vlan: entered promiscuous mode [ 51.242950][ T5940] veth1_vlan: entered promiscuous mode [ 51.259116][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 51.277089][ T5941] veth0_vlan: entered promiscuous mode [ 51.287046][ T5953] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 51.299233][ T5941] veth1_vlan: entered promiscuous mode [ 51.326849][ T5940] veth0_macvtap: entered promiscuous mode [ 51.332187][ T5949] veth0_vlan: entered promiscuous mode [ 51.343371][ T5940] veth1_macvtap: entered promiscuous mode [ 51.356378][ T5949] veth1_vlan: entered promiscuous mode [ 51.368098][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 51.372940][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 51.387950][ T5940] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.391505][ T5940] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.395803][ T5940] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.398454][ T5940] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.417994][ T5941] veth0_macvtap: entered promiscuous mode [ 51.421649][ T5953] veth0_vlan: entered promiscuous mode [ 51.427619][ T5941] veth1_macvtap: entered promiscuous mode [ 51.451263][ T5953] veth1_vlan: entered promiscuous mode [ 51.465977][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 51.485051][ T5949] veth0_macvtap: entered promiscuous mode [ 51.488529][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.491384][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.491927][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 51.499108][ T5949] veth1_macvtap: entered promiscuous mode [ 51.517733][ T5941] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.520531][ T5941] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.523193][ T5941] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.526878][ T5941] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.536863][ T5953] veth0_macvtap: entered promiscuous mode [ 51.539591][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.542253][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.554618][ T5953] veth1_macvtap: entered promiscuous mode [ 51.560646][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 51.574975][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 51.584663][ T5949] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.587090][ T5940] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 51.588244][ T5949] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.596286][ T5949] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.599332][ T5949] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.605485][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 51.627273][ T5953] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 51.666229][ T5953] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.669720][ T5953] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.672779][ T5953] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.676036][ T5953] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 51.681195][ T1187] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.684275][ T1187] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.715196][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.718404][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.757417][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.760374][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.779760][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.784827][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.790845][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.798833][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.838998][ T1187] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 51.841586][ T1187] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 51.883914][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.887740][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.891388][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.423967][ T5946] Bluetooth: hci1: command tx timeout [ 52.424145][ T5948] Bluetooth: hci0: command tx timeout [ 52.424173][ T5955] Bluetooth: hci2: command tx timeout [ 52.431925][ T6027] random: crng reseeded on system resumption [ 52.434412][ T5948] Bluetooth: hci3: command tx timeout [ 52.493017][ T6031] FAULT_INJECTION: forcing a failure. [ 52.493017][ T6031] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 52.499644][ T6031] CPU: 3 UID: 0 PID: 6031 Comm: syz.3.6 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(full) [ 52.499658][ T6031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 52.499664][ T6031] Call Trace: [ 52.499668][ T6031] [ 52.499672][ T6031] dump_stack_lvl+0x16c/0x1f0 [ 52.499704][ T6031] should_fail_ex+0x512/0x640 [ 52.499717][ T6031] _copy_from_user+0x2e/0xd0 [ 52.499729][ T6031] do_handle_open+0x61b/0xb70 [ 52.499745][ T6031] ? __pfx_do_handle_open+0x10/0x10 [ 52.499762][ T6031] ? ksys_write+0x1ac/0x250 [ 52.499777][ T6031] ? __do_fast_syscall_32+0x73/0x120 [ 52.499791][ T6031] __do_fast_syscall_32+0x73/0x120 [ 52.499806][ T6031] do_fast_syscall_32+0x32/0x80 [ 52.499821][ T6031] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 52.499834][ T6031] RIP: 0023:0xf7fb6579 [ 52.499843][ T6031] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 52.499852][ T6031] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000156 [ 52.499862][ T6031] RAX: ffffffffffffffda RBX: 00000000ffffff9c RCX: 00000000800000c0 [ 52.499868][ T6031] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 52.499873][ T6031] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 52.499879][ T6031] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 52.499884][ T6031] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 52.499896][ T6031] [ 52.557197][ T6035] ip6tnl1: entered promiscuous mode [ 52.557217][ T6035] ip6tnl1: entered allmulticast mode [ 52.558481][ T6035] team0: Device ip6tnl1 is of different type [ 52.817027][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 54.098634][ T6067] QAT: Stopping all acceleration devices. [ 54.145687][ T6068] Zero length message leads to an empty skb [ 54.184028][ T6068] hub 9-0:1.0: USB hub found [ 54.186982][ T6068] hub 9-0:1.0: 1 port detected [ 54.385477][ T6072] nftables ruleset with unbound set [ 54.405050][ T6081] netlink: 4 bytes leftover after parsing attributes in process `syz.3.22'. [ 54.503604][ T5948] Bluetooth: hci1: command tx timeout [ 54.503909][ T5946] Bluetooth: hci2: command tx timeout [ 54.506603][ T6083] hub 9-0:1.0: USB hub found [ 54.506629][ T5948] Bluetooth: hci3: command tx timeout [ 54.506663][ T5948] Bluetooth: hci0: command tx timeout [ 54.513702][ T6083] hub 9-0:1.0: 1 port detected [ 54.576730][ T6085] syz.1.23 uses obsolete (PF_INET,SOCK_PACKET) [ 54.586769][ T6085] overlay: filesystem on ./bus not supported [ 54.690261][ T6086] sch_tbf: burst 32855 is lower than device lo mtu (65550) ! [ 55.422539][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 55.428193][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 55.430964][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 55.441533][ T6101] ======================================================= [ 55.441533][ T6101] WARNING: The mand mount option has been deprecated and [ 55.441533][ T6101] and is ignored by this kernel. Remove the mand [ 55.441533][ T6101] option from the mount to silence this warning. [ 55.441533][ T6101] ======================================================= [ 55.769985][ T6115] vivid-006: disconnect [ 56.480261][ T1971] cfg80211: failed to load regulatory.db [ 56.547424][ T6112] vivid-006: reconnect [ 56.583507][ T5946] Bluetooth: hci2: command tx timeout [ 56.593576][ T5955] Bluetooth: hci3: command tx timeout [ 56.596341][ T5955] Bluetooth: hci1: command tx timeout [ 56.598838][ T5946] Bluetooth: hci0: command tx timeout [ 56.782189][ T6137] syz.1.38: attempt to access beyond end of device [ 56.782189][ T6137] nbd1: rw=0, sector=64, nr_sectors = 1 limit=0 [ 56.787965][ T6137] syz.1.38: attempt to access beyond end of device [ 56.787965][ T6137] nbd1: rw=0, sector=256, nr_sectors = 1 limit=0 [ 56.792262][ T6137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 56.797137][ T6137] syz.1.38: attempt to access beyond end of device [ 56.797137][ T6137] nbd1: rw=0, sector=512, nr_sectors = 1 limit=0 [ 56.802113][ T6137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 56.807327][ T6137] syz.1.38: attempt to access beyond end of device [ 56.807327][ T6137] nbd1: rw=0, sector=64, nr_sectors = 2 limit=0 [ 56.814358][ T6137] syz.1.38: attempt to access beyond end of device [ 56.814358][ T6137] nbd1: rw=0, sector=512, nr_sectors = 2 limit=0 [ 56.820039][ T6137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 56.825102][ T6137] syz.1.38: attempt to access beyond end of device [ 56.825102][ T6137] nbd1: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 56.830839][ T6137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 56.835057][ T6137] syz.1.38: attempt to access beyond end of device [ 56.835057][ T6137] nbd1: rw=0, sector=64, nr_sectors = 4 limit=0 [ 56.844387][ T6137] syz.1.38: attempt to access beyond end of device [ 56.844387][ T6137] nbd1: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 56.849985][ T6137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 56.853880][ T6137] syz.1.38: attempt to access beyond end of device [ 56.853880][ T6137] nbd1: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 56.859294][ T6137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 56.863740][ T6137] syz.1.38: attempt to access beyond end of device [ 56.863740][ T6137] nbd1: rw=0, sector=64, nr_sectors = 8 limit=0 [ 56.869114][ T6137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=256, location=256 [ 56.872441][ T6137] UDF-fs: error (device nbd1): udf_read_tagged: read failed, block=512, location=512 [ 56.882234][ T6137] UDF-fs: warning (device nbd1): udf_fill_super: No partition found (1) [ 56.997381][ T6147] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 57.001780][ T6147] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 57.006431][ T6147] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 57.009687][ T6147] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 57.013077][ T6147] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 57.016302][ T6147] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 57.019906][ T6147] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=256, location=256 [ 57.023251][ T6147] UDF-fs: error (device nbd0): udf_read_tagged: read failed, block=512, location=512 [ 57.027377][ T6147] UDF-fs: warning (device nbd0): udf_fill_super: No partition found (1) [ 57.099945][ T6149] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 57.109886][ T6149] FAULT_INJECTION: forcing a failure. [ 57.109886][ T6149] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 57.114117][ T6149] CPU: 2 UID: 0 PID: 6149 Comm: syz.0.42 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(full) [ 57.114132][ T6149] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 57.114151][ T6149] Call Trace: [ 57.114156][ T6149] [ 57.114160][ T6149] dump_stack_lvl+0x16c/0x1f0 [ 57.114178][ T6149] should_fail_ex+0x512/0x640 [ 57.114192][ T6149] _copy_from_user+0x2e/0xd0 [ 57.114205][ T6149] move_addr_to_kernel+0x65/0x170 [ 57.114224][ T6149] __sys_connect+0xb1/0x160 [ 57.114234][ T6149] ? __pfx___sys_connect+0x10/0x10 [ 57.114248][ T6149] ? __pfx_ksys_write+0x10/0x10 [ 57.114262][ T6149] __ia32_sys_connect+0x71/0xb0 [ 57.114271][ T6149] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 57.114287][ T6149] __do_fast_syscall_32+0x73/0x120 [ 57.114303][ T6149] do_fast_syscall_32+0x32/0x80 [ 57.114317][ T6149] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 57.114330][ T6149] RIP: 0023:0xf703e579 [ 57.114339][ T6149] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 57.114348][ T6149] RSP: 002b:00000000f502e55c EFLAGS: 00000296 ORIG_RAX: 000000000000016a [ 57.114358][ T6149] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 0000000080000040 [ 57.114364][ T6149] RDX: 000000000000001c RSI: 0000000000000000 RDI: 0000000000000000 [ 57.114369][ T6149] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 57.114375][ T6149] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 57.114381][ T6149] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 57.114392][ T6149] [ 57.178932][ C2] vkms_vblank_simulate: vblank timer overrun [ 58.456889][ T6194] ip6t_rpfilter: unknown options [ 59.723956][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 59.863582][ T6218] hub 9-0:1.0: USB hub found [ 59.865555][ T6218] hub 9-0:1.0: 1 port detected [ 60.042107][ T0] NOHZ tick-stop error: local softirq work is pending, handler #100!!! [ 60.045046][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 60.061599][ T6224] (unnamed net_device) (uninitialized): option primary: mode dependency failed, not supported in mode 802.3ad(4) [ 60.292937][ T6227] netlink: 40 bytes leftover after parsing attributes in process `syz.2.69'. [ 60.405155][ T6227] input: syz1 as /devices/virtual/input/input5 [ 60.482405][ T6230] kvm: Disabled LAPIC found during irq injection [ 60.488425][ T6230] netlink: 8 bytes leftover after parsing attributes in process `syz.3.70'. [ 60.494530][ T6230] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685) [ 60.657901][ T6235] netlink: 'syz.3.71': attribute type 1 has an invalid length. [ 61.343993][ T6248] FAULT_INJECTION: forcing a failure. [ 61.343993][ T6248] name failslab, interval 1, probability 0, space 0, times 0 [ 61.348790][ T6248] CPU: 3 UID: 0 PID: 6248 Comm: syz.1.75 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(full) [ 61.348821][ T6248] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 61.348829][ T6248] Call Trace: [ 61.348835][ T6248] [ 61.348840][ T6248] dump_stack_lvl+0x16c/0x1f0 [ 61.348864][ T6248] should_fail_ex+0x512/0x640 [ 61.348883][ T6248] should_failslab+0xc2/0x120 [ 61.348901][ T6248] kmem_cache_alloc_noprof+0x6d/0x3b0 [ 61.348918][ T6248] ? skb_clone+0x190/0x3f0 [ 61.348938][ T6248] skb_clone+0x190/0x3f0 [ 61.348955][ T6248] netlink_deliver_tap+0xabd/0xd30 [ 61.348977][ T6248] netlink_unicast+0x5df/0x7f0 [ 61.348998][ T6248] ? __pfx_netlink_unicast+0x10/0x10 [ 61.349022][ T6248] netlink_sendmsg+0x8d1/0xdd0 [ 61.349044][ T6248] ? __pfx_netlink_sendmsg+0x10/0x10 [ 61.349063][ T6248] ? __import_iovec+0x1dd/0x650 [ 61.349084][ T6248] ____sys_sendmsg+0xa98/0xc70 [ 61.349107][ T6248] ? __pfx_____sys_sendmsg+0x10/0x10 [ 61.349125][ T6248] ? get_compat_msghdr+0x11a/0x170 [ 61.349151][ T6248] ___sys_sendmsg+0x134/0x1d0 [ 61.349168][ T6248] ? __pfx____sys_sendmsg+0x10/0x10 [ 61.349182][ T6248] ? __lock_acquire+0x622/0x1c90 [ 61.349228][ T6248] __sys_sendmsg+0x16d/0x220 [ 61.349244][ T6248] ? __pfx___sys_sendmsg+0x10/0x10 [ 61.349270][ T6248] ? rcu_is_watching+0x12/0xc0 [ 61.349299][ T6248] __do_fast_syscall_32+0x73/0x120 [ 61.349321][ T6248] do_fast_syscall_32+0x32/0x80 [ 61.349342][ T6248] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 61.349358][ T6248] RIP: 0023:0xf7f85579 [ 61.349369][ T6248] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 61.349382][ T6248] RSP: 002b:00000000f508555c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 61.349396][ T6248] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 00000000800000c0 [ 61.349404][ T6248] RDX: 0000000000000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 61.349412][ T6248] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 61.349420][ T6248] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 61.349428][ T6248] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 61.349446][ T6248] [ 62.324796][ T6267] ptm ptm0: ldisc open failed (-12), clearing slot 0 [ 62.384533][ T6270] netlink: 8 bytes leftover after parsing attributes in process `syz.1.78'. [ 63.477819][ T6283] netlink: 136 bytes leftover after parsing attributes in process `syz.3.83'. [ 63.545883][ T6286] netlink: 32 bytes leftover after parsing attributes in process `syz.2.84'. [ 63.900840][ T6294] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 64.345959][ T6299] netlink: 8 bytes leftover after parsing attributes in process `syz.3.87'. [ 65.602243][ T6320] netlink: 'syz.1.95': attribute type 8 has an invalid length. [ 65.611926][ T6320] netlink: 'syz.1.95': attribute type 3 has an invalid length. [ 65.615827][ T6320] netlink: 224 bytes leftover after parsing attributes in process `syz.1.95'. [ 65.733242][ T6325] netlink: 8 bytes leftover after parsing attributes in process `syz.1.97'. [ 65.856051][ T6328] input: syz0 as /devices/virtual/input/input6 [ 65.877111][ T6321] hub 9-0:1.0: USB hub found [ 65.885772][ T6321] hub 9-0:1.0: 1 port detected [ 65.920134][ T6328] netlink: 256 bytes leftover after parsing attributes in process `syz.1.98'. [ 66.445874][ T6364] kvm: Disabled LAPIC found during irq injection [ 66.560706][ T6372] netlink: 4 bytes leftover after parsing attributes in process `syz.0.102'. [ 66.565052][ T6372] netlink: 173 bytes leftover after parsing attributes in process `syz.0.102'. [ 67.943657][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout [ 67.943684][ T53] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 67.949054][ T53] Bluetooth: hci0: Error when powering off device on rfkill (-110) [ 70.023616][ T5946] Bluetooth: hci1: command 0x0c1a tx timeout [ 70.023631][ T53] Bluetooth: hci1: Opcode 0x0c1a failed: -110 [ 70.027877][ T53] Bluetooth: hci1: Error when powering off device on rfkill (-110) [ 70.828920][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.831904][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 72.103595][ T53] Bluetooth: hci2: Opcode 0x0c1a failed: -110 [ 72.104208][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout [ 72.105743][ T53] Bluetooth: hci2: Error when powering off device on rfkill (-110) [ 74.183534][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout [ 74.183533][ T53] Bluetooth: hci3: Opcode 0x0c1a failed: -110 [ 74.183554][ T53] Bluetooth: hci3: Error when powering off device on rfkill (-110) [ 74.268323][ T6380] netlink: 244 bytes leftover after parsing attributes in process `syz.0.103'. [ 74.322298][ T6384] netlink: 8 bytes leftover after parsing attributes in process `syz.3.106'. [ 74.495382][ T6399] Bluetooth: MGMT ver 1.23 [ 74.499799][ T6399] FAULT_INJECTION: forcing a failure. [ 74.499799][ T6399] name failslab, interval 1, probability 0, space 0, times 0 [ 74.504194][ T6399] CPU: 0 UID: 0 PID: 6399 Comm: syz.3.109 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(full) [ 74.504208][ T6399] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 74.504214][ T6399] Call Trace: [ 74.504218][ T6399] [ 74.504222][ T6399] dump_stack_lvl+0x16c/0x1f0 [ 74.504241][ T6399] should_fail_ex+0x512/0x640 [ 74.504254][ T6399] should_failslab+0xc2/0x120 [ 74.504267][ T6399] kmem_cache_alloc_node_noprof+0x71/0x3b0 [ 74.504278][ T6399] ? trace_kmem_cache_alloc+0x28/0xc0 [ 74.504291][ T6399] ? kmem_cache_alloc_node_noprof+0x225/0x3b0 [ 74.504305][ T6399] ? __alloc_skb+0x2b2/0x380 [ 74.504325][ T6399] __alloc_skb+0x2b2/0x380 [ 74.504340][ T6399] ? __pfx___alloc_skb+0x10/0x10 [ 74.504359][ T6399] ? __alloc_skb+0x200/0x380 [ 74.504376][ T6399] ? __pfx___alloc_skb+0x10/0x10 [ 74.504392][ T6399] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 74.504417][ T6399] create_monitor_ctrl_event+0x3b/0x450 [ 74.504445][ T6399] mgmt_cmd_status+0x29e/0x510 [ 74.504461][ T6399] set_debug_keys+0x411/0x5d0 [ 74.504474][ T6399] ? __pfx_set_debug_keys+0x10/0x10 [ 74.504484][ T6399] ? __pfx_delayed_work_timer_fn+0x10/0x10 [ 74.504499][ T6399] ? lockdep_init_map_type+0x5c/0x280 [ 74.504512][ T6399] ? do_init_timer+0xc9/0x110 [ 74.504528][ T6399] ? __pfx_mgmt_init_hdev+0x10/0x10 [ 74.504539][ T6399] hci_sock_sendmsg+0x151f/0x25e0 [ 74.504551][ T6399] ? __pfx_hci_sock_sendmsg+0x10/0x10 [ 74.504564][ T6399] sock_write_iter+0x4fc/0x5b0 [ 74.504579][ T6399] ? __pfx_sock_write_iter+0x10/0x10 [ 74.504598][ T6399] ? bpf_lsm_file_permission+0x9/0x10 [ 74.504612][ T6399] ? security_file_permission+0x71/0x210 [ 74.504628][ T6399] ? rw_verify_area+0xcf/0x680 [ 74.504645][ T6399] vfs_write+0x6c7/0x1150 [ 74.504655][ T6399] ? __pfx_sock_write_iter+0x10/0x10 [ 74.504670][ T6399] ? __pfx_vfs_write+0x10/0x10 [ 74.504679][ T6399] ? find_held_lock+0x2b/0x80 [ 74.504701][ T6399] ksys_write+0x1f8/0x250 [ 74.504714][ T6399] ? __pfx_ksys_write+0x10/0x10 [ 74.504734][ T6399] ? rcu_is_watching+0x12/0xc0 [ 74.504760][ T6399] __do_fast_syscall_32+0x73/0x120 [ 74.504785][ T6399] do_fast_syscall_32+0x32/0x80 [ 74.504809][ T6399] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 74.504829][ T6399] RIP: 0023:0xf7fb6579 [ 74.504844][ T6399] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 74.504858][ T6399] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 0000000000000004 [ 74.504873][ T6399] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000080000000 [ 74.504883][ T6399] RDX: 0000000000000007 RSI: 0000000000000000 RDI: 0000000000000000 [ 74.504892][ T6399] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 74.504901][ T6399] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 74.504910][ T6399] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 74.504932][ T6399] [ 74.659450][ T6408] kvm: Disabled LAPIC found during irq injection [ 74.740864][ T6414] hub 9-0:1.0: USB hub found [ 74.743838][ T6414] hub 9-0:1.0: 1 port detected [ 75.157503][ T6424] bridge_slave_0: left allmulticast mode [ 75.159748][ T6424] bridge_slave_0: left promiscuous mode [ 75.163488][ T6424] bridge0: port 1(bridge_slave_0) entered disabled state [ 75.217841][ T6425] fuse: Bad value for 'fd' [ 75.247035][ T6424] bridge_slave_1: left allmulticast mode [ 75.253767][ T6424] bridge_slave_1: left promiscuous mode [ 75.269217][ T6424] bridge0: port 2(bridge_slave_1) entered disabled state [ 75.289966][ T6426] netlink: 788 bytes leftover after parsing attributes in process `syz.0.112'. [ 75.368686][ T6424] bond0: (slave bond_slave_0): Releasing backup interface [ 75.392121][ T6424] bond0: (slave bond_slave_1): Releasing backup interface [ 75.476447][ T6424] team0: Port device team_slave_0 removed [ 75.495522][ T6424] team0: Port device team_slave_1 removed [ 75.502093][ T6424] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 75.505573][ T6424] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 75.513042][ T6424] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 75.515863][ T6424] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 76.480788][ T6441] kvm: Disabled LAPIC found during irq injection [ 76.486174][ T6441] netlink: 8 bytes leftover after parsing attributes in process `syz.3.117'. [ 76.492208][ T6441] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685) [ 76.610205][ T6444] kvm: Disabled LAPIC found during irq injection [ 76.618257][ T6446] netlink: 4 bytes leftover after parsing attributes in process `syz.3.119'. [ 76.621553][ T6446] netlink: 173 bytes leftover after parsing attributes in process `syz.3.119'. [ 76.687959][ T6444] netlink: 8 bytes leftover after parsing attributes in process `syz.1.118'. [ 76.697992][ T6444] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685) [ 77.046922][ T6450] bridge_slave_0: left allmulticast mode [ 77.049455][ T6450] bridge_slave_0: left promiscuous mode [ 77.054518][ T6450] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.060098][ T6450] bridge_slave_1: left allmulticast mode [ 77.062486][ T6450] bridge_slave_1: left promiscuous mode [ 77.069838][ T6450] bridge0: port 2(bridge_slave_1) entered disabled state [ 77.091096][ T6450] bond0: (slave bond_slave_0): Releasing backup interface [ 77.093965][ T6457] netlink: 788 bytes leftover after parsing attributes in process `syz.3.120'. [ 77.100669][ T6450] bond0: (slave bond_slave_1): Releasing backup interface [ 77.208635][ T6450] team0: Port device team_slave_0 removed [ 77.244294][ T6460] hub 9-0:1.0: USB hub found [ 77.247112][ T6460] hub 9-0:1.0: 1 port detected [ 77.268706][ T6450] team0: Port device team_slave_1 removed [ 77.278520][ T6450] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 77.283858][ T6450] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 77.287945][ T6462] overlay: filesystem on ./bus not supported [ 77.294754][ T6450] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 77.301285][ T6450] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 77.623683][ T6464] dlm: no local IP address has been set [ 77.625577][ T6464] dlm: cannot start dlm midcomms -107 [ 78.076021][ T6474] netlink: 16 bytes leftover after parsing attributes in process `syz.1.125'. [ 78.459442][ T6483] netlink: 40 bytes leftover after parsing attributes in process `syz.2.129'. [ 78.463240][ T6483] afs: Unknown parameter 'dyn€4' [ 78.528723][ T6485] kvm: Disabled LAPIC found during irq injection [ 78.537410][ T6485] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685) [ 79.338698][ T6498] __nla_validate_parse: 2 callbacks suppressed [ 79.338708][ T6498] netlink: 40 bytes leftover after parsing attributes in process `syz.3.133'. [ 79.341810][ T6499] overlay: filesystem on ./bus not supported [ 79.606452][ T6511] 9pnet: p9_errstr2errno: server reported unknown error [ 79.665521][ T6509] hub 9-0:1.0: USB hub found [ 79.667735][ T6509] hub 9-0:1.0: 1 port detected [ 79.768531][ T6520] overlay: filesystem on ./bus not supported [ 79.787181][ T6521] bridge_slave_0: left allmulticast mode [ 79.789268][ T6521] bridge_slave_0: left promiscuous mode [ 79.791682][ T6521] bridge0: port 1(bridge_slave_0) entered disabled state [ 79.830851][ T6521] bridge_slave_1: left allmulticast mode [ 79.841851][ T6521] bridge_slave_1: left promiscuous mode [ 79.845690][ T6526] netlink: 32 bytes leftover after parsing attributes in process `syz.0.145'. [ 79.846028][ T6525] netlink: 788 bytes leftover after parsing attributes in process `syz.1.138'. [ 79.852728][ T6521] bridge0: port 2(bridge_slave_1) entered disabled state [ 79.872317][ T6521] bond0: (slave bond_slave_0): Releasing backup interface [ 79.883141][ T6521] bond0: (slave bond_slave_1): Releasing backup interface [ 79.909520][ T6521] team0: Port device team_slave_0 removed [ 79.925650][ T6521] team0: Port device team_slave_1 removed [ 79.929362][ T6521] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 79.931957][ T6521] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 79.939807][ T6521] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 79.942424][ T6521] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 80.043639][ T5985] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 80.233659][ T5985] usb 7-1: Using ep0 maxpacket: 8 [ 80.238254][ T5985] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 80.542320][ T5985] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 80.545936][ T5985] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 80.549672][ T5985] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 80.554243][ T5985] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 80.560473][ T5985] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 80.563690][ T5985] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 80.568199][ T5985] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 80.572166][ T5985] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 80.575716][ T5985] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 80.582244][ T5985] usb 7-1: config 168 descriptor has 1 excess byte, ignoring [ 80.584884][ T5985] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 255, changing to 11 [ 80.589483][ T5985] usb 7-1: config 168 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 80.593674][ T5985] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 80.597403][ T5985] usb 7-1: config 168 interface 0 altsetting 0 endpoint 0x8F has invalid maxpacket 59391, setting to 1024 [ 80.603730][ T5985] usb 7-1: string descriptor 0 read error: -22 [ 80.605852][ T5985] usb 7-1: New USB device found, idVendor=0a07, idProduct=0064, bcdDevice=40.6e [ 80.609629][ T5985] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 80.625303][ T5985] adutux 7-1:168.0: ADU100 now attached to /dev/usb/adutux0 [ 80.735707][ T6538] kvm: Disabled LAPIC found during irq injection [ 80.740884][ T6538] netlink: 8 bytes leftover after parsing attributes in process `syz.1.148'. [ 80.747084][ T6538] dlm: plock device version mismatch: kernel (1.2.0), user (4207673345.1574799195.3139252685) [ 81.098936][ T6552] netlink: 4 bytes leftover after parsing attributes in process `syz.0.151'. [ 81.101199][ T6552] netlink: 173 bytes leftover after parsing attributes in process `syz.0.151'. [ 81.136819][ T6554] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 81.513460][ T6562] netlink: 32 bytes leftover after parsing attributes in process `syz.3.154'. [ 81.545989][ T6564] xt_SECMARK: invalid mode: 0 [ 81.768095][ T40] audit: type=1326 audit(1748331815.839:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.1.159" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000 [ 81.774683][ T40] audit: type=1326 audit(1748331815.839:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.1.159" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000 [ 81.776038][ T6575] FAULT_INJECTION: forcing a failure. [ 81.776038][ T6575] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 81.776800][ T6575] [ 81.776807][ T6575] ====================================================== [ 81.776812][ T6575] WARNING: possible circular locking dependency detected [ 81.776818][ T6575] 6.15.0-syzkaller-01958-g785cdec46e92 #0 Not tainted [ 81.776828][ T6575] ------------------------------------------------------ [ 81.776833][ T6575] syz.1.159/6575 is trying to acquire lock: [ 81.776841][ T6575] ffffffff8e2cf8a0 (console_owner){-...}-{0:0}, at: vprintk_emit+0x4d4/0x6d0 [ 81.776887][ T6575] [ 81.776887][ T6575] but task is already holding lock: [ 81.776891][ T6575] ffff88802b23a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 81.776931][ T6575] [ 81.776931][ T6575] which lock already depends on the new lock. [ 81.776931][ T6575] [ 81.776935][ T6575] [ 81.776935][ T6575] the existing dependency chain (in reverse order) is: [ 81.776940][ T6575] [ 81.776940][ T6575] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 81.776959][ T6575] _raw_spin_lock_nested+0x31/0x40 [ 81.776979][ T6575] raw_spin_rq_lock_nested+0x29/0x130 [ 81.777000][ T6575] task_rq_lock+0xcf/0x490 [ 81.777020][ T6575] cgroup_move_task+0x81/0x2a0 [ 81.777032][ T6575] css_set_move_task+0x288/0x5f0 [ 81.777048][ T6575] cgroup_post_fork+0x201/0x9e0 [ 81.777065][ T6575] copy_process+0x4ff5/0x9170 [ 81.777079][ T6575] kernel_clone+0xfc/0x960 [ 81.777093][ T6575] user_mode_thread+0xc7/0x110 [ 81.777107][ T6575] rest_init+0x23/0x2b0 [ 81.777121][ T6575] start_kernel+0x3e9/0x4d0 [ 81.777137][ T6575] x86_64_start_reservations+0x18/0x30 [ 81.777155][ T6575] x86_64_start_kernel+0x130/0x190 [ 81.777171][ T6575] common_startup_64+0x13e/0x148 [ 81.777193][ T6575] [ 81.777193][ T6575] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 81.777212][ T6575] _raw_spin_lock_irqsave+0x3a/0x60 [ 81.777230][ T6575] try_to_wake_up+0xb2/0x1680 [ 81.777250][ T6575] __wake_up_common+0x135/0x1f0 [ 81.777276][ T6575] __wake_up+0x31/0x60 [ 81.777288][ T6575] tty_port_default_wakeup+0x2a/0x40 [ 81.777305][ T6575] serial8250_tx_chars+0x68e/0x860 [ 81.777320][ T6575] serial8250_handle_irq+0x761/0xcb0 [ 81.777337][ T6575] serial8250_default_handle_irq+0x9a/0x210 [ 81.777355][ T6575] serial8250_interrupt+0x106/0x210 [ 81.777373][ T6575] __handle_irq_event_percpu+0x229/0x7d0 [ 81.777395][ T6575] handle_irq_event+0xab/0x1e0 [ 81.777415][ T6575] handle_edge_irq+0x263/0xd10 [ 81.777434][ T6575] __common_interrupt+0xdf/0x250 [ 81.777449][ T6575] common_interrupt+0xba/0xe0 [ 81.777464][ T6575] asm_common_interrupt+0x26/0x40 [ 81.777480][ T6575] pv_native_safe_halt+0xf/0x20 [ 81.777499][ T6575] default_idle+0x13/0x20 [ 81.777511][ T6575] default_idle_call+0x6d/0xb0 [ 81.777524][ T6575] do_idle+0x391/0x510 [ 81.777545][ T6575] cpu_startup_entry+0x4f/0x60 [ 81.777567][ T6575] start_secondary+0x21d/0x2b0 [ 81.777583][ T6575] common_startup_64+0x13e/0x148 [ 81.777603][ T6575] [ 81.777603][ T6575] -> #2 (&tty->write_wait){-...}-{3:3}: [ 81.777621][ T6575] _raw_spin_lock_irqsave+0x3a/0x60 [ 81.777639][ T6575] __wake_up+0x1c/0x60 [ 81.777652][ T6575] tty_port_default_wakeup+0x2a/0x40 [ 81.777668][ T6575] serial8250_tx_chars+0x68e/0x860 [ 81.777680][ T6575] serial8250_handle_irq+0x761/0xcb0 [ 81.777694][ T6575] serial8250_default_handle_irq+0x9a/0x210 [ 81.777713][ T6575] serial8250_interrupt+0x106/0x210 [ 81.777730][ T6575] __handle_irq_event_percpu+0x229/0x7d0 [ 81.777751][ T6575] handle_irq_event+0xab/0x1e0 [ 81.777770][ T6575] handle_edge_irq+0x263/0xd10 [ 81.777787][ T6575] __common_interrupt+0xdf/0x250 [ 81.777801][ T6575] common_interrupt+0xba/0xe0 [ 81.777836][ T6575] asm_common_interrupt+0x26/0x40 [ 81.777848][ T6575] pv_native_safe_halt+0xf/0x20 [ 81.777864][ T6575] default_idle+0x13/0x20 [ 81.777874][ T6575] default_idle_call+0x6d/0xb0 [ 81.777885][ T6575] do_idle+0x391/0x510 [ 81.777904][ T6575] cpu_startup_entry+0x4f/0x60 [ 81.777926][ T6575] start_secondary+0x21d/0x2b0 [ 81.777941][ T6575] common_startup_64+0x13e/0x148 [ 81.777961][ T6575] [ 81.777961][ T6575] -> #1 (&port_lock_key){-...}-{3:3}: [ 81.777981][ T6575] _raw_spin_lock_irqsave+0x3a/0x60 [ 81.777998][ T6575] serial8250_console_write+0x181/0x1890 [ 81.778016][ T6575] console_flush_all+0x801/0xc60 [ 81.778037][ T6575] console_unlock+0xd8/0x210 [ 81.778055][ T6575] vprintk_emit+0x418/0x6d0 [ 81.778073][ T6575] _printk+0xc7/0x100 [ 81.778088][ T6575] register_console+0xc2d/0x11b0 [ 81.778108][ T6575] univ8250_console_init+0x5f/0x90 [ 81.778129][ T6575] console_init+0x14f/0x680 [ 81.778148][ T6575] start_kernel+0x29f/0x4d0 [ 81.778162][ T6575] x86_64_start_reservations+0x18/0x30 [ 81.778179][ T6575] x86_64_start_kernel+0x130/0x190 [ 81.778193][ T6575] common_startup_64+0x13e/0x148 [ 81.778212][ T6575] [ 81.778212][ T6575] -> #0 (console_owner){-...}-{0:0}: [ 81.778231][ T6575] __lock_acquire+0x126f/0x1c90 [ 81.778248][ T6575] lock_acquire+0x179/0x350 [ 81.778268][ T6575] vprintk_emit+0x4e5/0x6d0 [ 81.778287][ T6575] _printk+0xc7/0x100 [ 81.778301][ T6575] should_fail_ex+0x4e7/0x640 [ 81.778315][ T6575] strncpy_from_user+0x3b/0x2e0 [ 81.778337][ T6575] strncpy_from_user_nofault+0x7f/0x180 [ 81.778356][ T6575] bpf_probe_read_compat_str+0xe8/0x180 [ 81.778370][ T6575] bpf_prog_c1796171ffc7efef+0x3e/0x44 [ 81.778382][ T6575] bpf_trace_run4+0x249/0x5a0 [ 81.778396][ T6575] __bpf_trace_sched_switch+0x145/0x190 [ 81.778411][ T6575] __schedule+0x1bee/0x5de0 [ 81.778422][ T6575] preempt_schedule_common+0x44/0xc0 [ 81.778433][ T6575] preempt_schedule_thunk+0x16/0x30 [ 81.778445][ T6575] _raw_spin_unlock_irqrestore+0x61/0x80 [ 81.778456][ T6575] debug_check_no_obj_freed+0x31f/0x600 [ 81.778469][ T6575] kfree+0x28f/0x4d0 [ 81.778476][ T6575] audit_log_d_path+0x140/0x200 [ 81.778486][ T6575] audit_log_d_path_exe+0x46/0x70 [ 81.778496][ T6575] audit_log_task+0x31d/0x3f0 [ 81.778507][ T6575] audit_seccomp+0x79/0x1f0 [ 81.778520][ T6575] __seccomp_filter+0x7b6/0xea0 [ 81.778534][ T6575] __secure_computing+0x215/0x320 [ 81.778548][ T6575] syscall_trace_enter+0x89/0x260 [ 81.778560][ T6575] __do_fast_syscall_32+0xc2/0x120 [ 81.778573][ T6575] do_fast_syscall_32+0x32/0x80 [ 81.778586][ T6575] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.778598][ T6575] [ 81.778598][ T6575] other info that might help us debug this: [ 81.778598][ T6575] [ 81.778601][ T6575] Chain exists of: [ 81.778601][ T6575] console_owner --> &p->pi_lock --> &rq->__lock [ 81.778601][ T6575] [ 81.778615][ T6575] Possible unsafe locking scenario: [ 81.778615][ T6575] [ 81.778617][ T6575] CPU0 CPU1 [ 81.778619][ T6575] ---- ---- [ 81.778622][ T6575] lock(&rq->__lock); [ 81.778627][ T6575] lock(&p->pi_lock); [ 81.778633][ T6575] lock(&rq->__lock); [ 81.778639][ T6575] lock(console_owner); [ 81.778645][ T6575] [ 81.778645][ T6575] *** DEADLOCK *** [ 81.778645][ T6575] [ 81.778647][ T6575] 2 locks held by syz.1.159/6575: [ 81.778653][ T6575] #0: ffff88802b23a318 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 81.778678][ T6575] #1: ffffffff8e3c2440 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x1cf/0x5a0 [ 81.778700][ T6575] [ 81.778700][ T6575] stack backtrace: [ 81.778706][ T6575] CPU: 1 UID: 0 PID: 6575 Comm: syz.1.159 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(full) [ 81.778718][ T6575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.778724][ T6575] Call Trace: [ 81.778727][ T6575] [ 81.778731][ T6575] dump_stack_lvl+0x116/0x1f0 [ 81.778746][ T6575] print_circular_bug+0x275/0x350 [ 81.778756][ T6575] check_noncircular+0x14c/0x170 [ 81.778768][ T6575] __lock_acquire+0x126f/0x1c90 [ 81.778780][ T6575] lock_acquire+0x179/0x350 [ 81.778790][ T6575] ? vprintk_emit+0x4d4/0x6d0 [ 81.778804][ T6575] ? vprintk_emit+0x4c2/0x6d0 [ 81.778818][ T6575] vprintk_emit+0x4e5/0x6d0 [ 81.778832][ T6575] ? vprintk_emit+0x4d4/0x6d0 [ 81.778845][ T6575] ? __pfx_vprintk_emit+0x10/0x10 [ 81.778859][ T6575] ? __update_page_owner_handle+0x395/0x550 [ 81.778884][ T6575] _printk+0xc7/0x100 [ 81.778894][ T6575] ? __pfx__printk+0x10/0x10 [ 81.778905][ T6575] ? ___ratelimit+0x24c/0x570 [ 81.778917][ T6575] ? __pfx____ratelimit+0x10/0x10 [ 81.778931][ T6575] should_fail_ex+0x4e7/0x640 [ 81.778941][ T6575] strncpy_from_user+0x3b/0x2e0 [ 81.778956][ T6575] strncpy_from_user_nofault+0x7f/0x180 [ 81.778969][ T6575] bpf_probe_read_compat_str+0xe8/0x180 [ 81.778980][ T6575] bpf_prog_c1796171ffc7efef+0x3e/0x44 [ 81.778987][ T6575] bpf_trace_run4+0x249/0x5a0 [ 81.778998][ T6575] ? __pfx_bpf_trace_run4+0x10/0x10 [ 81.779009][ T6575] ? find_held_lock+0x2b/0x80 [ 81.779024][ T6575] ? psi_task_switch+0x201/0x8e0 [ 81.779033][ T6575] __bpf_trace_sched_switch+0x145/0x190 [ 81.779047][ T6575] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 81.779063][ T6575] ? psi_task_switch+0x201/0x8e0 [ 81.779073][ T6575] __schedule+0x1bee/0x5de0 [ 81.779084][ T6575] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 81.779100][ T6575] ? put_dec_full8+0x2a0/0x2c0 [ 81.779111][ T6575] ? __pfx___schedule+0x10/0x10 [ 81.779123][ T6575] ? __lock_acquire+0xb8a/0x1c90 [ 81.779134][ T6575] ? rcu_is_watching+0x12/0xc0 [ 81.779148][ T6575] ? irqentry_exit+0x3b/0x90 [ 81.779160][ T6575] ? lockdep_hardirqs_on+0x7c/0x110 [ 81.779173][ T6575] ? preempt_schedule_thunk+0x16/0x30 [ 81.779184][ T6575] preempt_schedule_common+0x44/0xc0 [ 81.779197][ T6575] preempt_schedule_thunk+0x16/0x30 [ 81.779208][ T6575] _raw_spin_unlock_irqrestore+0x61/0x80 [ 81.779221][ T6575] debug_check_no_obj_freed+0x31f/0x600 [ 81.779234][ T6575] ? __pfx_prepend_path+0x10/0x10 [ 81.779247][ T6575] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 81.779261][ T6575] ? skb_put+0x138/0x1b0 [ 81.779281][ T6575] kfree+0x28f/0x4d0 [ 81.779288][ T6575] ? audit_log_d_path+0x140/0x200 [ 81.779299][ T6575] audit_log_d_path+0x140/0x200 [ 81.779310][ T6575] audit_log_d_path_exe+0x46/0x70 [ 81.779320][ T6575] audit_log_task+0x31d/0x3f0 [ 81.779332][ T6575] ? __pfx_audit_log_task+0x10/0x10 [ 81.779345][ T6575] ? __pfx_migrate_enable+0x10/0x10 [ 81.779357][ T6575] ? lockdep_hardirqs_on+0x7c/0x110 [ 81.779371][ T6575] audit_seccomp+0x79/0x1f0 [ 81.779385][ T6575] __seccomp_filter+0x7b6/0xea0 [ 81.779400][ T6575] ? __pfx___seccomp_filter+0x10/0x10 [ 81.779416][ T6575] ? __fget_files+0x20e/0x3c0 [ 81.779426][ T6575] __secure_computing+0x215/0x320 [ 81.779441][ T6575] syscall_trace_enter+0x89/0x260 [ 81.779454][ T6575] __do_fast_syscall_32+0xc2/0x120 [ 81.779468][ T6575] do_fast_syscall_32+0x32/0x80 [ 81.779482][ T6575] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.779494][ T6575] RIP: 0023:0xf7f85579 [ 81.779501][ T6575] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 81.779510][ T6575] RSP: 002b:00000000f50a6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 81.779519][ T6575] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f50a6620 [ 81.779525][ T6575] RDX: 000000000000000f RSI: 00000000f7412ff4 RDI: 0000000000000000 [ 81.779531][ T6575] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 81.779536][ T6575] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 81.779541][ T6575] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.779549][ T6575] [ 81.781121][ T40] audit: type=1326 audit(1748331815.839:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.1.159" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f85579 code=0x7ffc0000 [ 81.785211][ T6575] CPU: 1 UID: 0 PID: 6575 Comm: syz.1.159 Not tainted 6.15.0-syzkaller-01958-g785cdec46e92 #0 PREEMPT(full) [ 81.785225][ T6575] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 81.785232][ T6575] Call Trace: [ 81.785235][ T6575] [ 81.785239][ T6575] dump_stack_lvl+0x116/0x1f0 [ 81.785255][ T6575] should_fail_ex+0x512/0x640 [ 81.785270][ T6575] strncpy_from_user+0x3b/0x2e0 [ 81.785285][ T6575] strncpy_from_user_nofault+0x7f/0x180 [ 81.785299][ T6575] bpf_probe_read_compat_str+0xe8/0x180 [ 81.785309][ T6575] bpf_prog_c1796171ffc7efef+0x3e/0x44 [ 81.785317][ T6575] bpf_trace_run4+0x249/0x5a0 [ 81.785328][ T6575] ? __pfx_bpf_trace_run4+0x10/0x10 [ 81.785339][ T6575] ? find_held_lock+0x2b/0x80 [ 81.785353][ T6575] ? psi_task_switch+0x201/0x8e0 [ 81.785362][ T6575] __bpf_trace_sched_switch+0x145/0x190 [ 81.785377][ T6575] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 81.785393][ T6575] ? psi_task_switch+0x201/0x8e0 [ 81.785402][ T6575] __schedule+0x1bee/0x5de0 [ 81.785414][ T6575] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 81.785431][ T6575] ? put_dec_full8+0x2a0/0x2c0 [ 81.785443][ T6575] ? __pfx___schedule+0x10/0x10 [ 81.785454][ T6575] ? __lock_acquire+0xb8a/0x1c90 [ 81.785465][ T6575] ? rcu_is_watching+0x12/0xc0 [ 81.785479][ T6575] ? irqentry_exit+0x3b/0x90 [ 81.785491][ T6575] ? lockdep_hardirqs_on+0x7c/0x110 [ 81.785504][ T6575] ? preempt_schedule_thunk+0x16/0x30 [ 81.785515][ T6575] preempt_schedule_common+0x44/0xc0 [ 81.785528][ T6575] preempt_schedule_thunk+0x16/0x30 [ 81.785539][ T6575] _raw_spin_unlock_irqrestore+0x61/0x80 [ 81.785552][ T6575] debug_check_no_obj_freed+0x31f/0x600 [ 81.785566][ T6575] ? __pfx_prepend_path+0x10/0x10 [ 81.785578][ T6575] ? __pfx_debug_check_no_obj_freed+0x10/0x10 [ 81.785593][ T6575] ? skb_put+0x138/0x1b0 [ 81.785608][ T6575] kfree+0x28f/0x4d0 [ 81.785617][ T6575] ? audit_log_d_path+0x140/0x200 [ 81.785628][ T6575] audit_log_d_path+0x140/0x200 [ 81.785639][ T6575] audit_log_d_path_exe+0x46/0x70 [ 81.785649][ T6575] audit_log_task+0x31d/0x3f0 [ 81.785662][ T6575] ? __pfx_audit_log_task+0x10/0x10 [ 81.785674][ T6575] ? __pfx_migrate_enable+0x10/0x10 [ 81.785687][ T6575] ? lockdep_hardirqs_on+0x7c/0x110 [ 81.785700][ T6575] audit_seccomp+0x79/0x1f0 [ 81.785715][ T6575] __seccomp_filter+0x7b6/0xea0 [ 81.785730][ T6575] ? __pfx___seccomp_filter+0x10/0x10 [ 81.785745][ T6575] ? __fget_files+0x20e/0x3c0 [ 81.785756][ T6575] __secure_computing+0x215/0x320 [ 81.785771][ T6575] syscall_trace_enter+0x89/0x260 [ 81.785783][ T6575] __do_fast_syscall_32+0xc2/0x120 [ 81.785798][ T6575] do_fast_syscall_32+0x32/0x80 [ 81.785836][ T6575] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 81.785849][ T6575] RIP: 0023:0xf7f85579 [ 81.785856][ T6575] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 81.785865][ T6575] RSP: 002b:00000000f50a6590 EFLAGS: 00000293 ORIG_RAX: 0000000000000003 [ 81.785874][ T6575] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000f50a6620 [ 81.785880][ T6575] RDX: 000000000000000f RSI: 00000000f7412ff4 RDI: 0000000000000000 [ 81.785886][ T6575] RBP: 0000000000000002 R08: 0000000000000000 R09: 0000000000000000 [ 81.785891][ T6575] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 81.785897][ T6575] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 81.785905][ T6575] [ 81.817636][ T6579] overlayfs: failed to resolve './file0': -2 [ 81.819879][ T40] audit: type=1326 audit(1748331815.839:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.1.159" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7f85579 code=0x7ffc0000 [ 82.275827][ T40] audit: type=1326 audit(1748331815.839:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.1.159" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f85579 code=0x7ffc0000 [ 82.284920][ T40] audit: type=1326 audit(1748331815.839:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.1.159" exe="/syz-executor" sig=0 arch=40000003 syscall=346 compat=1 ip=0xf7f85579 code=0x7ffc0000 [ 82.294825][ T40] audit: type=1326 audit(1748331815.839:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.1.159" exe="/syz-executor" sig=0 arch=40000003 syscall=6 compat=1 ip=0xf7f85579 code=0x7ffc0000 [ 82.303876][ T40] audit: type=1326 audit(1748331815.839:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.1.159" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000 [ 82.312824][ T40] audit: type=1326 audit(1748331815.839:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.1.159" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f85579 code=0x7ffc0000 [ 82.321939][ T40] audit: type=1326 audit(1748331815.839:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6574 comm="syz.1.159" exe="/syz-executor" sig=0 arch=40000003 syscall=313 compat=1 ip=0xf7f85579 code=0x7ffc0000 [ 83.228422][ T5985] usb 7-1: USB disconnect, device number 2 VM DIAGNOSIS: 07:43:36 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000000 RBX=ffff88802b43fcc0 RCX=ffffffff81aec81d RDX=ffff888025bda440 RSI=ffffffff81aec7f9 RDI=0000000000000005 RBP=0000000000000001 RSP=ffffc900048b7960 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000001 R12=dffffc0000000000 R13=0000000000000003 R14=ffffed1005687f99 R15=ffff88802b23b5c0 RIP=ffffffff81aec7fb RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880977b1000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ffffffff81c6e27f RBX=ffffc90027823000 RCX=ffffffff81c6e2a1 RDX=ffff88801dae2440 RSI=ffffffff81c6e2b0 RDI=0000000000000005 RBP=1ffff9200008df4c RSP=ffffc9000046fa50 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000000 R14=ffffc90027823028 R15=ffffc9000046fa80 RIP=ffffffff81baccd8 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880978b1000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000000000000 CR3=000000002731f000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=000000000534c002 Opmask01=0000000000000000 Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000558765174c50 0000558765174c50 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fff04128430 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6c737973007325 2e73250064252e73 2500656c6f736e6f 632f7665642f000a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a49565c56005600 0b56000041000b56 000040494a564b4a 460a5340410a000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3130322f31302f34 3020312b32316f70 627e322d332e3631 2e312d6e61696265 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343130322f31302f 343020312b32316f 70627e322d332e36 312e312d6e616962 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65642d332e36312e 3120534f4942202c 2939303032202c39 484349202b203533 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5128204350206472 61646e6174532055 4d4551203a656d61 6e20657261776472 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6148205d35373536 54205b5d35323235 38372e3138202020 5b203a6c656e7265 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff8552de85 RDI=ffffffff9ae1bc40 RBP=ffffffff9ae1bc00 RSP=ffffc9000067f888 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=732d302e35312e36 R12=0000000000000000 R13=0000000000000074 R14=ffffffff9ae1bc00 R15=ffffffff8552de20 RIP=ffffffff8552deaf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880979b1000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000006d52e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=ffffea0001888d40 RCX=ffffffff822bb861 RDX=ffff888025c84880 RSI=0000000000000000 RDI=0000000000000005 RBP=ffffffff8dcec440 RSP=ffffc90025767510 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000000 R11=0000000000007bff R12=0000000000000000 R13=0000000000000001 R14=0000000000000000 R15=0000000000000030 RIP=ffffffff81bac692 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097ab1000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000005000001 Opmask01=0000000000000001 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=00000000fffffff7 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffb08b082b 00007fffb08b082b ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffb08b0d30 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fffb08b0d30 0000003000000018 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e6f63007325 203a726f72726520 64656e7275746572 2072657672657300 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40514b4a46005600 051f574a57574005 41404b5750514057 0557405357405600 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 5f5f5f7866705f5f 203f20205d353735 3654205b5d373733 3538372e31382020 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 20296c6c75662854 504d454552502030 2320323965363463 656463353837672d ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 38353931302d7265 6c6c616b7a79732d 302e35312e362064 65746e6961742074 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f4e203935312e31 2e7a7973203a6d6d 6f43203537353620 3a4449502030203a ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4449552031203a55 5043205d35373536 54205b5d31313235 38372e3138202020 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 65746e656d676172 66206562206c6c69 7720656361667265 746e692073696874 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000