last executing test programs: 5.556728072s ago: executing program 0 (id=104): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x2, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e78, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0xc}, 0x80}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x40000) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket(0x2c, 0x4, 0x0) sched_setscheduler(r0, 0x1, &(0x7f0000000280)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f00000003c0)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file0\x00', 0x0) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000000c0)='blkio.throttle.io_service_bytes_recursive\x00', 0x275a, 0x0) write$binfmt_script(r3, &(0x7f0000000640)={'#! ', './file0', [{}, {0x20, 'rp\xee\xff\xe4'}, {0x20, '\x12~\x85\xecZ@\xb5\x18\xec\x182\xc9L\xdc\xb2\x81\xdam\xa8\xc5{\x92\x14\xce\xf2\xb8\xf7\xa9\xa7\x00X \x93t\x91!%\xff\x13\xdc\aIY\x0e\xb4zh\\\x06\r\xe8^Z\x81\xb8$:P\x83\x98_\xa1\x98\xd6\xd2g-\xefr\x14<\xd1\xb84\x94\xa09\x9f\x12I\xed\xd5dT#f\xb4\xf3\x88\xcf\xde\x00\xd4\x81WN\xca\xb5c\xbf\r\xb0Q\xa9\xbaC\xd2\xa2\x1d~\xc5D(\x92A\x12f\x83fn\xd0\xb6\x02\x116t:|\x94\xc7\xac\xf6\xbc~m\xd6\xd1\xe5\xe0\xdd\xc2\x9cl#\x85\xab\xe7\xa9\xcb\"\xd2\x97\x10\xa5\xa8\xc1\x8d@U\a]Gi^\xd2\xdf\xb0\xa5!\x836\x92\xc9\x92\xe4'}], 0xa, "7bad65c4da5338577feb172ca63250224c76e2027f000000000000007e2ac7fe2e31a2e87e3ee43ed92dfbb6bc0700de24db4ec870b8000000000000002c65e7495fe9afeb28bb60e91e23e104f6dbbf40e1fc2ab1a77fd9f6414e438f03"}, 0xfffffc43) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40891, &(0x7f0000000080)={0xa, 0x4624, 0x0, @local}, 0x1c) 5.539268761s ago: executing program 2 (id=105): socket$inet_tcp(0x2, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x5, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000040)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x5885}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffd, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x4004, @fd_index=0x3, 0x0, 0x0}) io_uring_enter(r3, 0x3516, 0xe0ff, 0x0, 0x0, 0x0) 4.823840521s ago: executing program 1 (id=107): sendmsg$nl_xfrm(0xffffffffffffffff, 0x0, 0x4004) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r0, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) ptrace(0x10, 0x1) r2 = inotify_init1(0x0) inotify_add_watch(r2, 0x0, 0x400) bind$unix(r1, &(0x7f00000000c0)=@abs={0x1, 0x0, 0x4e23}, 0x6e) socket$nl_generic(0x10, 0x3, 0x10) io_uring_register$IORING_REGISTER_FILES_UPDATE2(0xffffffffffffffff, 0xd, &(0x7f0000000140)={0x7, 0x0, 0x0, 0x0}, 0x20) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r0, 0x8933, &(0x7f0000000340)={'batadv_slave_0\x00', 0x0}) ioctl$sock_inet6_SIOCDELRT(r3, 0x890c, &(0x7f00000000c0)={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @empty, 0x3, 0x78, 0xfff6, 0x0, 0x66ba, 0x40000040, r4}) 4.372645648s ago: executing program 0 (id=108): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x10, &(0x7f0000000100)=0xffff37e7, 0x4) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r1, 0x0, 0x0) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f00000000c0), 0x4) bpf$PROG_LOAD(0x5, 0x0, 0x0) acct(0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x1, 0x0, 0x0, 0x0, 0xffffffff, 0x0, 0x0, 0x40f00, 0x67, '\x00', 0x0, @fallback=0x10, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0}, 0x94) socket$nl_route(0x10, 0x3, 0x0) open(0x0, 0x0, 0x80) creat(0x0, 0x0) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) r2 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$KDSIGACCEPT(r2, 0x5607, 0x2c) ioctl$TIOCL_SETVESABLANK(0xffffffffffffffff, 0x560e, &(0x7f0000000140)) r3 = syz_open_dev$tty1(0xc, 0x4, 0x4) ioctl$TIOCL_BLANKSCREEN(r3, 0x541c, &(0x7f0000000000)) 4.129360362s ago: executing program 2 (id=109): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfe, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0xffffffff, 0x11e41e7a, 0xffffffffffffffff, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x8000}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x2}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x14, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r3 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r3) ptrace$pokeuser(0x6, r3, 0x118, 0x50000089) 3.641421441s ago: executing program 1 (id=112): creat(&(0x7f0000000540)='./file0\x00', 0x0) socket$packet(0x11, 0x3, 0x300) creat(0x0, 0x108) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000140), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x10, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) read$FUSE(r0, &(0x7f0000006340)={0x2020, 0x0, 0x0, 0x0, 0x0}, 0x2020) write$FUSE_INIT(r0, &(0x7f0000000040)={0x50, 0x0, r1, {0x7, 0x1f, 0x1, 0xc18da8, 0x0, 0x6, 0x0, 0x0, 0x0, 0x0, 0x10}}, 0x50) syz_fuse_handle_req(r0, &(0x7f00000021c0)="0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000800000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc4e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000ba045abcd5dfc67d00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000081000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000230000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000050000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000090000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000008000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000209bfd66eea210560000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000020000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003dc150f4000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000400000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000030000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f50000000000000000000000000000000000000000000000000000000000000000000000000000000000c6d90000000000001354c4b6000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001a00", 0x2000, &(0x7f00000062c0)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000300)={0x20}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) syz_fuse_handle_req(r0, &(0x7f0000004200)="a28096c80abf3543ecde7564abff5085d2227ebcb0f164ae92706ad0b083a3f469a3efd15b4921e9c3063b98b3082068e7c31950dde842eac55df0f991453cad62a6956b0b6f7b8cf49b506a3060fe1127eca99663ade8efa89ee189acb5f3b92f6bc4c46621c803eed0d0bb5f32384870ed08f89d4f74445762fb99715e083c4c92a8878be19ffacc30d0f2da64f971cd40563163adc15670ecf25cd3ad96138967c4b53ad9d04b5193ab5fb674aa0030a9d703d1baf810ce897f969121f142161919e583c275671b999e7f363891dfdfdf3556d01b86ee29eca8fccbfeaf1771395148706cc6e6be7ce29fc9ffef061b5420950c1a525bf75ad06edec51538d1c5bbc77da72dc90fd9998936fffdda2427e5a68966c7e2208f76304680182ec73007e482f034195712af922db2726195d997708734db9e7825a864be00b2a4f800881fc0363f5e618398454f35b148b4ccb88d418269fac868a8ba4a2d5b4f06a1ac01b5ad158b842e05adca22c7372585bf4ce95560b6c1e021a3ed2ff7bd3b6b3c7734c3b66d7e4c460096312082f89b16baa6e73814aa60925780cd92cd57087e260ec046fc363264366a9df2c849c0644911303946adad544521ceb469a3e193ecc9a7876403fac461a4a70d6193b2451189a5c5120b3535e9edf619108af7f517b58abd3fa7fb1ab832213430d2e6901076fba9c9e1acc6c6f48ff0e419bbc45589745a176f52a7407ad5e3dd49acb31b47862806f47077dda04905e45a80a12cbcd4d2dd9fe66c2d1f99394fed8ec60961cd2dc7115a96ece432fac86d51bebb08b95f447a83792fe80291fca7b298c9043ef2c26f0f7e42798d3f54c84b94c24c76c555d83ecc53b99bb22d71845e5cf21a5ba7fbeffeb6306e1730db14561b950a3f24bcfd78d4ab0d97de8054bb1a6077ae7cca6e45d846d3df82298d07212922742cb0facac3b77edfbab90e9ee2d4f7b0ee9b17bb11ec5e5721340d84cb6bd93428167e69b47759172557acda313c3decdfc6fe9336bfade459f43b39d0f2289f9142db280f4ee668e650e12858c577e12e2b9a57ee66c834be97979bcbe94747fa5d8d0b7d3a9f8f218df1bf960f828429a1efe838616b18faf6629236ddbded43a093efae163228e5c38fd7714743c2fcca47e3382bcfb1ab893fd7377527b4ec43f3fa60ebd338161d8de7cad65b15579e4af258f5fe3a63c2637a15703207029b0899b5427767647baef11e291358e6e54f6f13d3d2ca7a5e7969e04d2733b3b9ab822c69a3cfac097384de5071a9b74a656136d55eb190df08747b509fd610ff62b4950ef71c934fe21a48a4931d3d9458b415f112cee65c660f5490e982341da1c58634b3967ca6f3596d20cc90f508382156e36f16539093240ef5f2aa6a2c0dff2a67df30dcf50bf6e0b82a3d49f2d532a8dde1b3ceefcf0837190b74186090d1c18b59917d7efce1adfb238ef4a7b1d22c4cef09320221de883e97e6882466508de06fcdabad3b741bdca2cff879d57ddda52f42b3dcb8a78cfc05826af7e4ff155934378491194f4d321ef195990abaeeefdcb852d1e1e3703f317385a9458b6c2dd9db830f757ec29c9939fc7313e639fe485bc1e41ddaaef3fbf1f7cc527c8fad0d21b8082482caad7bee440e5097665f636c3dfec82f8c98afb6243bc3944939675a594277d278ba4361461f7da52e224e4ce5dee4a467bf6ae9f67b61ac6eb0a440406abac2016eec907e241c57f5f44be47290fd0fef785ff04df3810ccd637b4d97a84bae8486a36f75d872e645fe46625969fc2d1f032c56ed44bd98ea27bd9b6ddc8eb2dc2ec9f90f2f1ca1bd20e37ac58b03c84c872f4ba47310654986641460dfdd531ac62a76ad87b89c103ac5c9c2e7e70c66447b3412d4a1e5cbc30e16939505116c04de33ae054ed366de8d1f971c2de439957a194e22a488f58d7efd46439177f3f3c45a1475927eecd846d3d2e6a2ab5c7f8addd99062c2fc6b272d1f51bb8f22f1b6f8bb3faf8aa85e5eb9abf7df5cf8f26267323808b0833a987989cbe59205e7ad06556e2d1b8a4873ca1cbcbc8d43abc145fd4eb832e7a58ab2c793d003ce7b1850ce45eb7480417a1e9eb9d39a1028a2a04a2aa649c098c4f8eee514db5f6021173bb254b8e22b150b2ca01dc7ff235db46ed78d07f43d1adab13b8445d1b32069eb45f9d389fcf5a3f7d3ebe243c5b1fe17b1f5a3d571b65f21b9e471e818172554dc956749b99cb7a5f303ec480d7194a2ba86e204f06aa1becdddc8c49082c527e7064ac2ad77dc05639d3d2a7778f6943ed6105ebf6f0b9e94fddbe05c236ec000f4d1d4e496b10068211ab68ada4c7f7ac61f5f5ba5f1810d5bbe87ff4f8356af0d3f682baedb0ad8f8488b277421f0a03fc5e3095ee34bc4472d8f17e3f7013cf2f79f5ff3ea4b6bae56d1365a33b09bfa9a496323f7da923b7e29dce4beb81035f13130004c96e56d7ef6ca6c101d20c27a218e623227c33c9e488b17e7ae9ac20da8240501f7b614a1730f164553fe479ef149866e4ea47296814284a3d3eb7cbb294289ffb996e0eb053b9c16e54cf267832e3d360eb196ed51305630223309ea97215628f01ec9d3ea48096418d5e962cac5063460f0a18772ec7ce66d14a1cce14b52c40bbbfafccbf1e76f09e57ff0718048e5b993157a6cf4718826b1e09430413a3596a15c4a620fa8c8e1d1663e5739f9f790ddbb3be0e00187d43717d659242467d8681ac10303346157f894d9037641417010e9654c6a5b22263e73a5a37128f50078a980c30930321aa5c5e7851d5d392ddce3a14a96916fa8421ae6728f37f5de7c3e98feb4babd4e1bd2315d595e209d52748f70adc2284fcdaa6ad880470d2a071f3490aaf3491fb64b4547419e8eccdc491a8921156cb4811ad1e66514a32b0b31b641438881f28c1e6461b4f451938999af671e8c6a5cd0c072a9fe4cdbefe24ca616f3d0a15ac97cca835b1a440e04fa28340c6044176c8ecc8ee0d033d47db8a0aacfa0eabdfa1c9509fc2604008f01cbafeb5bd2b503b809ed672340b9a576593f1ef388391b54b605e7a15bef7b1345627a34fca57738b0f8f4f19eea93c903495274a4425a1a1cc6c4c6e335b631df5185c95b485a4257867b5347a40e4e14dcc560f061fd4fd265137dc68afd548adde778f1330f769acb1ccf5da14ff6992c24e210ea6e6179421881b803393bc6974e37106c5b5b3b5d0b3469f8969bffb7e4ceb2c98e928e74366492d27235ae4c74a2f48511aeeaa53a2beafa7a331b50e454c507af1b63350a5cef35668a5b9325014192277e509561008b3601088f79d42eaa8b1e4ae2000b31749e2b8094312ddb7f3c1cd625ef885c11fa22a66e374b52b3425e0b8016154e1fd8471339e32e7373d63ab646d893fbe09ae07b06074c01401ea76b3c382a9d32f24f93c789964e16bc4206ecd75c10917ab84ffd8d6cdf4cd28fd90375ff28518f8c1a3befc538e1b9e427fb671988d29f2fb2fcd039f4d341c84eb4d7cf600ddaba88bb094e4d87a1419180149f491368e648b69985b05ac39a4ecdd3c5135f3a5c8ad7792dacb6470144bb9e67805a211efb3ec9ccaf8e0901345fb19e4da579e1fbe86a1207f4f13c3436009c2c640b7cf3f8b77ca7bd994bf93308027359c6dd1b7db1e153fc0821968ef36c003b6c73fe890f4de24f5c6458dbaaf3819edeaa91783c3cfc7e773689236248195c7bbd60113f2476fa3687621d668d1728ee433d2f8f4db707345d30f1e52ab87a2a0afd547c6bb06500f59f17facde48f693490e22494b75d11df1a143b85068d143ef6a9bb5937a9df380c8948f1a01e9675e18409edb0f6b9605b68e34632fcce472dc50b90b0f6dcd57931f78e1e8861a0fb62e72b0baad6f9d23c1cfb0f19b25013c8d9fcd786a2f6f79768b5fb398f7b2baa31ce8156d1fc4a46c1c463fdf30360d42aeed2ef11611d0b7f654bb51052fd4dc39328f8ec4c58bbda05e6f1b3c8f6d8adca0268f2410e9a4a7d63b6616006d0e02f6edacc10e5c54fd85f15a8bd7648a293f23d6a699bd9a675250475a73a96d7475e4fabb89fb5e7de5d7a3479aa485c0befc60d0ac4fd5ac6dbecceb06cad86e219fc0ce4720758917811a3215f8d13e413bfb64fc065fc421aede0b56691797dac428c7e463479fa591b9072c309b7533e427c5cc11a1f6cf9a5b995d328d796d874c5b55dfc12a5039b413ce319cf5ba1f355c4e0717d32650b43e18010f37f048731931c52c4f36eb969dda702afe96c2a5241350a67ba2d026946189c5e281293c9a8e2cff3784776f1de78b917101b54e5ab00c045ea15f28a0e3f509962cf8bd3385d85250737eae5c34ece86b86669c13b00308a3b13c0ac3c83ff26fb52a4aa83c1233a9490cb9ca917a056908931751bddb88a62379a713395f0764e4a393faf253a4026d0472270e6036287d56850df1751543484d65b3062155b6300e0024241c59a862ae769c1a9232a2d9fb24705177a09cceb3eefbf9f106f67e01be14cdeb4d2fc7d8661df3e75de5ccd09a7e559f028fb9837c621ea0045b4d1b679067f246339c974631aa7134d4e910efb28d3c48929cef1df7e6c73668762d55086b6c59c36ac90154135fd7ca4e4047dd0aa161fa982d8edf9c0cb9666477e096c55718f6e4742415fefd4f696d1f1ccd6322bc19496ddebd36282a7c707d5b44113e30678e6e33ab7d34be04a59ac614d6a54134490998be02636fa91633d6294781c2b9a54c611c0045cfcfe81f49aa21b29d835cd2047c854486fd8e65a2ebf629f7ced602b9dd107bfde483e5c9b5cbba4a08cdce09920bda9978b7fc2b4a89bf1573a26389e52090fdf5dccf22111dc8c42fd3c8c477092895398086cc22cca665269e193fc650742a361a44b857d258429f701f22e9b7615bc3dab78c1479a41cf8575cdb17169470b347adfc03e03daea3e269725cfc72df5664b9df36d2f2b55013b71133e0b80577a47182511ebb308b6248d457bd2af7b28e77182c305241178c4124ab102771fd5a8c3dacb8775de881301d71587c76bcf0a97a72ad244d0c42fd71aceec32dd48bb5c9a95b391166c832ac5bac8c7cae4d18b3f7d9f2e4782fdf97732e3d51f67bbb57f989ee0d7589dbd0c2a5c63840e914b9d7d720fa120acbffebf816b588b2ccc052e7fa78992e0ea39dd21a122add41195f8e2e1acd777c1a4e8ef4362fef441feb4d9252c6bfbd2742152300a32027776e3341620d3c8d9365e10e81adcca7d87a0e555c98a0353c692557d90ee9be3fbaab766abf93e2462149fd99c92a5fc58d899ee75535cd1fe1386c5ab0b157c2102039d6015258f59cef3f15b951893a30ae839f740402a30b34e7be73796286403c5beb0853d856d83f1b00b48328f56dcb32e1faab08a3435b1482bf18b21c95aefeaafa7fd761c7f28d416fcde06bf7aee5c6e9eb50e55874253ba3f1d0ce2505b4fc7c3fc996bfbb8446bafe84f5bea94bfd7ca5aeaf237fe793b66e5c521d4092e4e1f9bde1dfcfe53fa55005d21cfa833a338fd9792614129336060e10d1911862070761aa20c2902eb7c5a355eff4cf6253d7102a2ca1fead4c53b57d576d104c081310d92797e4e2e8c269d19910d0d4cedf30fa28ba680c00137f83de940624229b6a125ce5233c6cf4a3640b74f58f288dad8451fbe37641c5559a5f3caf1299c8bfb230723652278fe378efd8e459b9da26cffeb58468a6301dbc06d713ba2d8d43d9038f5f2dc8b831ba58a88eeb5b1786b21e398aeeeb7c1f3d6f01d82b3947862fb9e7cbd7da5d04c5fcd34da28d53e2246e3ac1e3a619ad174efa6435eaa0fc94d610799ce0158421dce046306eb5042143daa336d52206b12610ea6389cdda49bf5af1d4ee42ac090a94ae7b7612073f3a5c36a2245eda887f41478f7d20f18667f941f71eebcfa76c1ab28f2a49a3bd56bd3f4e6bd079ab3fe2d94782236e83585a03e52907abaef7456a95d5d3f3d37efdc035dbfd7c41b8ba0af2df8adf1cf24f7ff0beccd3d26bc91caf42314ef7e466f74e19ae0df2e2298fc2f694a7ec134632035585d530e7e19f65c256f001d75382d9825ef741bc213af186377d9ca10d3722354e1897ca5c23ac6a52c9ad0e6b686e1776f7ec65df033e8f4d5db80c1bc354093b319cb70df93d610667675816328c99322f14e636b95f04e6497f139d508b453f53ddb5c289d849fd5407c9bdcefd1642abd46e28cb4e94371bdc606eeb67c9fe17747c68f2d50e82711da4d3edb0eda06f41b7f93fa8fb4d83cf21c79da67000bac2275508217ade1659fa8d24e5f8efb9f4bd21073ebef3d06368eb03fa3cf0d638448bd055ed20d292033ffdba538559c8ff9a2a5c8f83b5c393643d6585d1df994c3be43e72b8f3f53114d2a5f6bcedb573842b23b6a3eb7fca8495bf03bd03fde7b19bd39a16cec49e01f38e671af33cae082d9788e3202799bc466babec2080528d0609c0b731964719093735b4c1e73bd0705637c47516922197c552baeaf3516b5e3bbc2cd1afa3ef8215196ed580d9561092f620b897e98e786a0c7cbb0eedda8063292ba6482497f5f6bb62fb5ab4c97cb7658dc6579718eb97b547fcf47ced1426561af93a15fb4dc6d3d93b868644943c2c94b23b0570bbb81df2666c24f5abccfcdd71e209f3bb43c01d17f9bc8b9af2c26762fc6a741a150b7d1186e4f35175f3c315243e1c11e92c43a1fc492eef5a13c77a81fcf514ebfd0f8e645dae15a07e86b2f01fda065db4505a5eea83cb616f744f6bee731be191c65449c02603556d5a51422cf9c2f19f8d6843e0c1091e0708aa271e91f71c8602b9fa72189e036b7cb6af1569f21269283de94a6d7fe5849fd433d5b719c80419873db0587fc29786cc598d896fb16360bddd2ce12e54d05418f4f5e5f2d7aafe9fcd6268cbe2e9e6329ffb6c67fab8f3ce673028cc06aaa6b857556bba3b44d3fab5b6e875e70a2f3ad4b2ff76f31ead3462d3801ba373b3c2f545e94f57021575e2947f81f53283fc0a5137fd44fa3d074c92de54a0a3465c858f5a7ef08313faddbc3663e4e0167f3cba39612057a7518fbfb031f5ad0f9f75831973ebd733b82e554bf3fdec84e51f65dab6028c6c51366d9d4700fdf255e4c7bd70766e7f2281b3f2a5363f85ce49f9135904d14bcb117ad754c2594dcdca2d30e40ff265b5accfb116f64ed99aad570c4c5a91efdbb984ac651d8721405a0342cf77f448c17a152eabf29e88950558a86d0074e1cefab1eb7c366682f686ee1338737e675ea58eb8b4c86b9f28a6f6e96459f29e3b4dc59ff044c61a0dcc5c31d803e6e98420e446229ccdec3d0f705e92ffe016bb3696373eadab7f35ccf65ab4d9be09a085ce21bbd7c0555376e4d7fe68b5e7a64f48b5127825fb2be598d991f9c1a54bf52713417dcc599e812d85513a537e6eafa738edc972b67e065595d11678449bce6cd3d69800a649b560d0e057c502ca3e72e97820829ecfea801192c3f4e2c8763c095a43ee6fe45fe8730130937668df1d4ee577ada28238be03286481f2d2a004cc4d48856e71fbd64f1a0043a4520ecbbf1b3abdc96b87a27be8495a20542967aa4cd3a44a11502419a083d84e97abfde0901b66dde48388649a0ed6d93b9f20c530e990c7c52370a114d800d6ab3f6687d6bbc105b63738fe05fa6cac98ad6663936bb18cb923264e44312c24c2ce8e642bb73c921012b68a26a70977446b8f15f9d62467d8b356560c183a6bd6cd76ec868c3bd94a595cd7bf996755a508a814980c5e588b275200c45afd900c8c2de329ec2484b0e3ecd7b0960e5e3425881d1ff7f8bd8b20f5cc98ffc3acb77f5e88775a4bd3ab9f9eb027e27d3af55ebdf4eebab48ea911128d668d00fc3f5b5480aa0d9a4af563ba577384448e5425157133d59e1cef3c722f33700bd372825046b1fa5824e405154a3af1440bc2b75acfbd07cf92e8c162587e74b5ab66b1c6aeab3ad5fa3ee91da4900ef30ad04baea326df912517dd96e1696b4a91faa66675978a375e81f25464a1073dc6737af08d7e25956bb31d438548a7da38662d49db812a8cf1d6cc65f5c63879fd9ee7fd2a66ca3fc1a768cb239aab88c87206470b4c60592afebc369ed97a8f990155862ba4e22b64804142c131a23792937aa8a8696e165c24d7692a04bb4471b0f0d2507fe7c8618421428fc7a0acc984ca5cc6bacb772e8a717bbaa646f9643275910a6037afaf5a80678d18edda138a4e13d06d04a5d06431eab48738225cf1567e960e765728dc12e91b91c6f2b33dfb6e033aa68c1c2334d24335abc4a7a1df5636dec29091da54d5f5a1fff41e4a35a0c2f04f968f7d78e2f51c73577e2192bb20f289aaba5a175c2ed533855bd9ed9a842ad482136dd5e0cf45eb5e2d31ff62a3be1cf8a94a58316e74f4ab9fc54f3a0bb83beef0f355993bdea2c83e61cdc796bf2564ae51fae616799e8711998cd88d35cd9824452fdd65226174b46792cb87f4dd282e4e6f67eb66da413ad877ed6ce775f7e19bc93f48bb9e5ec04009de3c042aeacf7f4b25ad6b30e017303f64fe07ac79e8744aab6926d117f13513d0469cef335fe1d0d787c2d0b2c031a9521786ac10e9f8b768271680337f2c3262abdccb5d3107c632bf1f74c83ee91f49988222fb080cc8faa9b1a02526d8b6087e0b2354173d29016b3309587c16f057dd812aa63c3169150de81f3af97d082a8f8da4ce4f909ff649821d7f96d97613552e8cc4902e046ecfa329b1d980ff5ece69b8f1615fdff5244f41cec0af924624ae1641ecae5fa26c5fb9006e57100ee71377ced7c255ae17a0845e2ee0287c62c1852f93877f9f86157ca9675d383fff5cd6f2b001ec0136c07cf37f5ace1853122c2baa1092d418e2a490c4a5c8f56b828ce1bafeef4e7fa095d6b4ed99d56f66812cb19be540ebe5d52e7eff2d69cbb8477e11514f7e3604bf9999f78c2f1ca6f60a2216b87fa0f25269c425b7d50709b200912b3b7899c95e12d6e9c4dacc19e327721860e0477a53e6793fbb7fb9704a848f395f48c24a6e79b9e1358cc3497251de88b8d3a7b22c6d8af1a7fab81530d9f0cc98f62debb222b54780d89794238532717b447d71b46a60ed481c21db85b590b31720009695ecffd4ef029964e5d5149622233ac013e960a005c924f73ea82c318455546c53d74aa3f7e2ff26aa074c40a55aba8b08027fc19b596eec6c4f89bae39e74b9aad88344f7cc5ad3eefa5095f2ab47222e9a357ecd71c6700ac576025201490d9e446603dfd4bda7617dd500981b2d2ab8c43882a5208494cb3f8ebc720bca8a7cf6c80bd7aaaf89507bb3412ea490a78973f12cc30413e9df1458917ea3d68b438d424c1314bc8d01939c5a5a842438281e62d0c800dee704b2a6cd3e1e4b885a6b26b894a98765fa3308c9e4b87f93625faecdb17c29a27cd243bf6030a67874ec9f2443cf8154261ac2a834c01cbe1f314ee7aa3ca552e1648cf8b42a63f249e3538026e09e44d69dc259adb0d1a0cbccb5a5dd5d0dccc90d023da79d5634188ff060f7e35a5f9d7ad99546824d63975d4452de876093f4e997dc46eedcd80a9eebf5e4f077fbb10c7d9e19a3419e7b845972a3b62613c5404a209b16fa88e0ff49d7b4f21fecc1f773c5b4be61021e0cab8602c6e8257649303aaeafcbb178e7a460ff07f219c46eb6fe5bf8113723e454003bd707767c107daf4255751daaf8decf35262640058924eb6587868b2c08230b317e97396ebc928ba8d274ca0eed0bfcb637676003c64e8c1e1a0420b6c96a44226061ced41b8448382abd2f3d0c472afcde231fbc9ee90c2f1132f8e2391246f95ad93354c7460e20de996ad0f61b13b27646887a637cede90b94b7d8c3130f0fe060e8d955c711a2700b302a75bdeb32a0a6802ea795cb114f5f82a1a381a86bbff88b299e47728b746dff964c94c52b661b9429376b1320b46081426b7c340206dc0da151bf84be2a49e78b6b5938753d2b1be8d9e67c43c5d70e72519f5f90d0500e84ee38f82b191ac4d968b0a37901fd923cb289d585693ac3c3f8a94fca6df45e694e199a9cd0b1bc1fa7394bcc96aae670dca6605a998793b7e067ac410ba631057b8b76fcbe9524df820c02efef1608b743cd2aa6d60d3d8e476fa12d3acc329f8272b087d89471177ed531fec1f9c24a975ca2fcd8c246a33e291a3f00b7f234052067a0059c86762475256bb5e7dac6f121a0925506b18933c6e314915d4b3b2130aafc2483ef22ff8bb7b887565b1bd22fabca22037d8fc9437f675c5313526266f60bb7c7c47f30c7d567ed142ea5ec367c4298328d20e5344f01c0c90cf8a6302f4d84b6ba7495fba314a05ba29b63bb6d458fdb05a4411136958309f418fb178e19aa09ff9e62b29732fb2986c96e738f7a688cb2122dbb8f2ad9a5f28bc49ec0c462413552afee8e403259b55ad6dc334dde7f2d306929dd01f2aa6036cafd41874522689301b81c9e50e86828894140356db0a3317b081ed9d8148c41e77e6bda6287762532b86eb91f5480915680deb8a91fb8656b7f0109064865d2b846af0861f67d3f720d6e306540cd7b68f095ef3690b88ea93fb6a402ff5697597cda83171f159e85307d1a8c01611189bd4eb4f0453ab88d43ae181a562a76902a67c687514079d6f4304d9a7c0fa24b6e86074ea0a9fd8187c120312078f5ebfa674adc0303734bf8f6b5585943706594192ad64c9f7d9794fb83758924f862855ddd50bff58b522c43d73c03289baec628cd693cab93101b1e473b76532510e10f03e86812fea6f2d6f5467dcf29e6d7cf8524f383a0ded3f0951c3ffb171a6b8a6d97b5fa8899a19f1a3d0e934a1d4741076e4394ba225158f697bf7d5651717c6950229a0be22e8120d76a414edbcd03d505264b7ede8272ccbd6dbdcebaf11daf6a652f6f9eb74ba7a3ecc942892891388005ae5d971e4e79d696564906dffd44845b704a9abc2fa5ba1bb69a548423a08044ad6d0e365db7e6bea0f3844a452759716cb98dcf326001ec90c1c343174098cdf47ea2e13341058ca014d2a30e9ba3c526de72a6e387181bf76a278c9cbc518d8c374a3f1d9802a39464a100903dbec16f8f095f5d82d9d09507281e4f7fe0ce4fbeced193902a5f658af2a4c1d0952dabdc6ae5830b6b5a2c3f5b8d33a73665990822e5f4a7ce5366755a1615543bdf78299c71e890e0bedb6ec277b10a389d6a3ba9c037221421279e51ab50fb115de2076cc99444202e88ebd9d0fbe4e60234b7b761495ac6c9e615ddac8176164a88fb6d6cc2b52672c8949afe3efc1e87a598896bc93e421423844fcaafe65af898a015b3bcaf623ebeef9a57155af5278ceb52b995f7ca466d9e18b05e86380679e0257cff6d0c6750078462f2ee4701d6d8289ed848b877cf5918625b7937060d667c11119881c30809056892352c6c53c01e395af6866ea350e6f21fa3db772c1177c759999973b51e11ffc5908", 0x2000, &(0x7f0000000c80)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000200)={0x78, 0x0, 0x0, {0xffffffffffffffff, 0x2, 0x0, {0x0, 0x4, 0x0, 0x101, 0x0, 0xfffffffffffffffc, 0x8000000, 0x8000, 0x200, 0x8000, 0x0, r2, r3}}}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0xa4901, 0x0) write$tcp_congestion(r4, &(0x7f00000000c0)='lp\x00', 0xfffffdef) dup2(r4, r0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) 3.586983406s ago: executing program 3 (id=113): r0 = creat(&(0x7f00000005c0)='./file0\x00', 0x0) close(r0) r1 = socket$xdp(0x2c, 0x3, 0x0) r2 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r2, 0x8933, &(0x7f0000000280)={'batadv_slave_1\x00', 0x0}) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) r4 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f00000001c0)=0x100, 0x4) setsockopt$XDP_UMEM_REG(r4, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/74, 0x328000, 0x1000}, 0x1c) setsockopt$XDP_UMEM_COMPLETION_RING(r4, 0x11b, 0x6, &(0x7f0000000080)=0x1, 0x4) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$XDP_RX_RING(r4, 0x11b, 0x2, &(0x7f0000001980)=0x100, 0x4) ioctl$ifreq_SIOCGIFINDEX_batadv_hard(r5, 0x8933, &(0x7f0000000580)={'batadv_slave_0\x00', 0x0}) setsockopt$XDP_TX_RING(r0, 0x11b, 0x3, &(0x7f0000000180)=0x10, 0x4) setsockopt$XDP_UMEM_FILL_RING(r4, 0x11b, 0x5, &(0x7f0000000140)=0x1, 0x4) bind$xdp(r4, &(0x7f0000000100)={0x2c, 0x0, r6}, 0x10) bind$xdp(r1, &(0x7f0000000240)={0x2c, 0x1, r3, 0x1000000, r4}, 0x10) 3.448373938s ago: executing program 3 (id=114): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x10000, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x1}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x0, 0x8}}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) syz_io_uring_submit(0x0, 0x0, 0x0) r2 = dup2(0xffffffffffffffff, 0xffffffffffffffff) read$FUSE(r2, &(0x7f0000002fc0)={0x2020}, 0x2020) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f0000000040)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2}, 0x94) r4 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f00000000c0)='sys_enter\x00', r3}, 0x18) ppoll(&(0x7f00000002c0)=[{r4, 0x101}], 0x1, 0x0, 0x0, 0x0) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_open_pts(0xffffffffffffffff, 0x0) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000040)=[{0x6, 0x0, 0x37, 0x7fffffff}]}) close_range(r5, 0xffffffffffffffff, 0x0) 3.387769152s ago: executing program 0 (id=115): openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) munmap(&(0x7f000045e000/0x1000)=nil, 0x1000) mremap(&(0x7f0000dde000/0x1000)=nil, 0x1000, 0x1000, 0x3, &(0x7f0000bb3000/0x1000)=nil) mremap(&(0x7f00006bd000/0x2000)=nil, 0x2000, 0x4000, 0x3, &(0x7f0000721000/0x4000)=nil) munmap(&(0x7f0000e29000/0x1000)=nil, 0x1000) munmap(&(0x7f0000a88000/0x1000)=nil, 0x1000) munmap(&(0x7f000060f000/0x4000)=nil, 0x4000) madvise(&(0x7f0000492000/0x2000)=nil, 0x2000, 0x12) munmap(&(0x7f0000694000/0x3000)=nil, 0x3000) mremap(&(0x7f0000807000/0x3000)=nil, 0x3000, 0x1000, 0x0, &(0x7f0000ffe000/0x1000)=nil) mremap(&(0x7f000061c000/0x13000)=nil, 0x13000, 0x4000, 0x3, &(0x7f0000fb0000/0x4000)=nil) mremap(&(0x7f00007b2000/0x4000)=nil, 0x4000, 0x3000, 0x3, &(0x7f0000968000/0x3000)=nil) madvise(&(0x7f0000a30000/0x3000)=nil, 0x3000, 0x10) mremap(&(0x7f000046b000/0x3000)=nil, 0x3000, 0x1000, 0x3, &(0x7f0000769000/0x1000)=nil) mlock2(&(0x7f000072d000/0x1000)=nil, 0x1000, 0x0) mremap(&(0x7f0000b89000/0x1000)=nil, 0x1000, 0x3000, 0x3, &(0x7f00006e6000/0x3000)=nil) munmap(&(0x7f00003fe000/0xc00000)=nil, 0xc00000) 3.229071485s ago: executing program 0 (id=116): bind$inet(0xffffffffffffffff, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) syz_open_dev$vcsn(&(0x7f0000000180), 0x0, 0x26642) ioctl$KVM_CREATE_DEVICE(0xffffffffffffffff, 0xc00caee0, 0x0) arch_prctl$ARCH_SHSTK_ENABLE(0x5001, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) set_mempolicy(0x8006, &(0x7f0000000040)=0xfff, 0x5) r3 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2) ioctl$vim2m_VIDIOC_REQBUFS(r3, 0xc0145608, &(0x7f0000000040)={0x8, 0x1, 0x1}) 3.195642155s ago: executing program 2 (id=117): ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0xc0046209, 0x0) openat$ptmx(0xffffffffffffff9c, 0x0, 0x0, 0x0) socket$pptp(0x18, 0x1, 0x2) r0 = socket$nl_route(0x10, 0x3, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f05ebbee7, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000580)=@newlink={0x28, 0x10, 0x801, 0x0, 0x4, {0x0, 0x0, 0x0, 0x0, 0x4000, 0x4a080}, [@IFLA_GROUP={0x8}]}, 0x28}}, 0x0) 3.142985829s ago: executing program 3 (id=118): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) ioctl$PPPIOCSPASS(r1, 0x40107447, 0x0) r2 = syz_io_uring_setup(0x239, &(0x7f0000000740)={0x0, 0x1c2a, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) r5 = socket$inet_mptcp(0x2, 0x1, 0x106) ioctl$sock_SIOCETHTOOL(r5, 0x89f1, 0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd=r0, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r6 = socket$tipc(0x1e, 0x5, 0x0) bind$tipc(r6, &(0x7f0000000140)=@name={0x1e, 0x2, 0x0, {{0x42}}}, 0x10) r7 = socket$tipc(0x1e, 0x2, 0x0) setsockopt$IPT_SO_SET_REPLACE(r1, 0x0, 0x40, 0x0, 0x0) setsockopt$TIPC_GROUP_JOIN(r7, 0x10f, 0x87, &(0x7f0000000180)={0x42, 0x1}, 0x10) socket$igmp(0x2, 0x3, 0x2) sendmsg$tipc(r7, &(0x7f0000000540)={&(0x7f00000001c0)=@nameseq={0x1e, 0x1, 0x0, {0x42, 0x0, 0x4}}, 0x10, 0x0}, 0x10) 2.734754998s ago: executing program 1 (id=119): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x110b, 0x8000000000002}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) pwritev(0xffffffffffffffff, &(0x7f0000000040), 0x0, 0x3a, 0x0) sendfile(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8000fb00) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x800, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x10000000000) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000100)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000b00)={0x0, 0x0, 0x0, 0x32, 0x0, &(0x7f0000000a40)="6457d0288aa7e5af7f39e77114d0861c76bfb41da0c672f8c976971ee0c6db36272e472e5276aebc85dac879793c9677af38"}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000440)="97713b46fbaa2b1044f2d408ffca802db4d770eb9874f493e0ef367e4bde497c403b450c72ff2417d079bb892435a1e107fa5c0ecd207d9e6f2a209bf148e6bc56955cb53347d1499097488fcad724a1"}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000002c0)={0x44, 0x0, &(0x7f0000000740)=[@reply={0x40406301, {0x2, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 2.62639139s ago: executing program 1 (id=120): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000380)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f00000000c0)={0x73622a85, 0x1000, 0x2}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000200)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000000)='./binderfs/binder0\x00', 0x802, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000340)=[@acquire], 0x0, 0x0, 0x0}) r4 = syz_io_uring_setup(0x3c63, &(0x7f0000000140)={0x0, 0xfffffffb, 0x10100, 0x2, 0x4000004}, &(0x7f00000002c0)=0x0, &(0x7f00000015c0)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000200)=@IORING_OP_READ=@use_registered_buffer={0x16, 0x0, 0x0, @fd_index=0x3}) io_uring_enter(r4, 0x2df0, 0x40000000, 0x0, 0x0, 0x0) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000780)={0x44, 0x0, &(0x7f0000000900)=[@transaction={0x40406300, {0x1, 0x0, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) r7 = socket$can_bcm(0x1d, 0x2, 0x2) recvmmsg(r7, &(0x7f00000099c0)=[{{0x0, 0x0, 0x0}, 0x7f}], 0x1, 0x10002, 0x0) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000001440)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000001340)="0e9849f1332c3a4f7cd80c990e6bb6b5979749a4fbaef24bc5bcc03ac73ad01da6441277f5ac3b4d0ab075522859b01dff8f24e16cd420439da93470adbb7411843f018e01848aec434d0395f241ae92"}) ioctl$BINDER_THREAD_EXIT(r3, 0x40046208, 0x0) 2.264512403s ago: executing program 2 (id=121): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000000)='tmpfs\x00', 0x0, &(0x7f0000000300)='usrquota') chdir(&(0x7f0000000080)='./file1\x00') r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000580)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x40f00, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0xfffffffffffffc97}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, r0, 0x3000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x10, 0x80002, 0xfffffffd) membarrier(0x40, 0x0) membarrier(0x20, 0x0) 2.173170927s ago: executing program 3 (id=122): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x27, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x39}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket(0x11, 0x3, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nfc(&(0x7f0000000140), r3) sendmsg$NFC_CMD_GET_SE(r3, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000180)={0x14, r4, 0x325, 0x70bd25, 0x25dfdbfe}, 0x14}, 0x1, 0x0, 0x0, 0x8010}, 0x10) 2.036442569s ago: executing program 0 (id=123): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000000080)={0x0, 0x11, 0x2}, &(0x7f0000000000)) timer_settime(0x0, 0x0, &(0x7f0000000240)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) userfaultfd(0x80001) mkdir(0x0, 0x40) syz_open_dev$tty20(0xc, 0x4, 0x0) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0) futex(&(0x7f000000cffc)=0x1, 0xd, 0x0, 0x0, 0x0, 0x0) msync(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x1) 1.744123342s ago: executing program 1 (id=124): openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) ioctl$VIDIOC_SUBSCRIBE_EVENT(0xffffffffffffffff, 0x4020565a, &(0x7f0000000080)={0x5, 0x2}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000840)={0x18, 0x3, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x2, 0xba, &(0x7f0000000140)=""/186, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0xba7b, 0x0, 0x4, 0x2c}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, 0x0, 0x0, {0x2}}) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) 1.094438377s ago: executing program 3 (id=125): bpf$MAP_CREATE(0x0, 0x0, 0x48) sched_setscheduler(0x0, 0x2, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) sendmmsg$unix(0xffffffffffffffff, &(0x7f0000000000), 0x651, 0x0) recvmmsg(0xffffffffffffffff, 0x0, 0x0, 0x2, 0x0) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000080)={{}, 0x0, 0x0}, 0x1c) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x12) r1 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x27, &(0x7f0000000180)={@multicast1, @loopback}, 0xc) r2 = socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f00000003c0)=[{&(0x7f0000000180)="390000001300034700bb65e1c3e4ffff01000000010000005600000025000000190004000400000007fd17e5ffff0800040000000000000000", 0x39}], 0x1) 918.643747ms ago: executing program 0 (id=126): write$FUSE_DIRENTPLUS(0xffffffffffffffff, 0x0, 0x150) setsockopt$inet6_IPV6_ADDRFORM(0xffffffffffffffff, 0x29, 0x1, &(0x7f0000000100), 0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$KVM_SET_MSRS(0xffffffffffffffff, 0x4008ae89, &(0x7f0000000200)=ANY=[]) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000021000000000000004bc311ec8500000075000000a70000000800000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000000c0)='percpu_alloc_percpu\x00', r1}, 0x10) r2 = openat$ttyS3(0xffffffffffffff9c, &(0x7f00000000c0), 0x60642, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f00000003c0)=0x14) ioctl$TIOCVHANGUP(r2, 0x5437, 0x2) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_io_uring_setup(0x111, &(0x7f0000000340)={0x0, 0x11, 0x2, 0x4}, 0x0, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}) bind$unix(r3, &(0x7f0000000180)=@abs={0x1, 0x0, 0x4e21}, 0x6e) listen(r3, 0x0) 861.155646ms ago: executing program 2 (id=127): r0 = socket$inet6_sctp(0xa, 0x1, 0x84) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) syz_emit_ethernet(0x3a, &(0x7f00000000c0)={@random="aefc3a13cc28", @random, @void, {@ipv4={0x800, @tcp={{0x6, 0x4, 0x0, 0x0, 0x2c, 0x0, 0x0, 0x0, 0x6, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}, @multicast1, {[@timestamp={0x44, 0x4, 0x5, 0x3}]}}, {{0x0, 0x0, 0x41424344, 0x41424344, 0x0, 0x0, 0x5}}}}}}, 0x0) ioctl$TIOCSETD(r1, 0x5423, &(0x7f0000000080)=0x7) r2 = socket$netlink(0x10, 0x3, 0x10) syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x800000) r3 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nbd(&(0x7f0000000740), 0xffffffffffffffff) ioctl$TCSETS2(r1, 0x402c542b, &(0x7f00000001c0)={0xfffffff7, 0xffff, 0x15493eef, 0x5, 0x0, "62077c318703f64494959affbb411cf0dce0b9", 0x80000000, 0x80}) sendmsg$NBD_CMD_RECONFIGURE(r3, &(0x7f0000000800)={0x0, 0x0, &(0x7f00000007c0)={&(0x7f0000000780)={0x1c, r4, 0x1, 0x70bd2c, 0x25dfdbff, {}, [@NBD_ATTR_INDEX={0x8, 0x1, 0x0}]}, 0x1c}, 0x1, 0x0, 0x0, 0x40}, 0x8000) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_RATE_NEW(r2, &(0x7f0000000080)={0x0, 0x3f00, &(0x7f0000000700)={&(0x7f0000000300)={0x34, r5, 0x1, 0x0, 0x25dfdbfb, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}, 0x1, 0x0, 0x0, 0x41}, 0x0) ioctl$TIOCSETD(r1, 0x5412, &(0x7f00000000c0)=0xe9) r6 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r6, 0x0, 0x4) setsockopt$inet6_opts(r0, 0x29, 0x39, &(0x7f0000000080)=ANY=[@ANYBLOB="3c1204"], 0x98) sendmsg$inet6(r0, &(0x7f0000002c00)={&(0x7f0000000040)={0xa, 0x4e21, 0x5, @remote, 0xfffffffb}, 0x1c, &(0x7f00000001c0)=[{&(0x7f0000000000)="85", 0x1}], 0x1}, 0x200008c4) 778.667634ms ago: executing program 3 (id=128): openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000000), 0x80082, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) r0 = syz_open_dev$vcsn(0x0, 0x0, 0x26642) fsetxattr$security_capability(r0, &(0x7f0000000280), &(0x7f0000000380)=@v2={0x2000000, [{0x6, 0x10}, {0xffffff89, 0x100004}]}, 0x14, 0x3) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x25dfdbfb, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x8, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x1, 0x1}}, {0xc, 0x8, {0x3}}}}, @m_ife={0x48, 0x3, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = syz_open_dev$usbfs(&(0x7f0000000080), 0x70, 0x101301) ioctl$USBDEVFS_IOCTL(r4, 0xc0105512, &(0x7f0000000200)) 722.639208ms ago: executing program 1 (id=129): r0 = syz_open_procfs(0x0, &(0x7f00000001c0)='net/ptype\x00') read$msr(r0, &(0x7f0000000040)=""/59, 0xffb5) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x6, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000007c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) move_pages(0x0, 0x20a0, &(0x7f0000000040), &(0x7f0000001180), &(0x7f0000000000), 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f00000012c0)={0x0, 0x0, 0x0}, 0x4040010) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x2000, 0x0) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r3, 0xae60) syz_io_uring_submit(0x0, 0x0, &(0x7f0000000200)=@IORING_OP_READV=@pass_iovec={0x1, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x0) 0s ago: executing program 2 (id=130): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r1, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r4, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000040)={0x28, r2, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}, @NL80211_ATTR_FRAME_TYPE={0x6, 0x65, 0x40}]}, 0x28}}, 0x0) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r6, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r6, 0x0, 0x30, 0x0, 0x0) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000240), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r5, 0x8933, &(0x7f0000000100)={'wlan1\x00', 0x0}) r9 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_REGISTER_FRAME(r9, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000140)={0x20, r7, 0x1, 0x0, 0x1000000, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_FRAME_MATCH={0x4}]}, 0x20}}, 0x0) r10 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000080)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000140)={0x24, r10, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r11}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x7}]}, 0x24}}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:50695' (ED25519) to the list of known hosts. [ 38.668688][ T5866] cgroup: Unknown subsys name 'net' [ 38.836303][ T5866] cgroup: Unknown subsys name 'cpuset' [ 38.840451][ T5866] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 39.705701][ T5866] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 42.581908][ T5958] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 42.583547][ T5960] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 42.583661][ T5959] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 42.584762][ T5958] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 42.586461][ T5959] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 42.586663][ T5959] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 42.587171][ T5960] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 42.587443][ T5960] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 42.588033][ T5960] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 42.588303][ T5960] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 42.589734][ T5958] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 42.594024][ T5965] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 42.594426][ T5960] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 42.595177][ T5960] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 42.596534][ T5958] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 42.598270][ T5965] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 42.601915][ T5960] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 42.605728][ T5965] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 42.622621][ T5965] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 42.628090][ T5965] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 42.807617][ T5947] chnl_net:caif_netlink_parms(): no params data found [ 42.873115][ T5948] chnl_net:caif_netlink_parms(): no params data found [ 42.926880][ T5949] chnl_net:caif_netlink_parms(): no params data found [ 42.996000][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state [ 42.999228][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.002234][ T5947] bridge_slave_0: entered allmulticast mode [ 43.005903][ T5947] bridge_slave_0: entered promiscuous mode [ 43.010322][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.013081][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.016954][ T5947] bridge_slave_1: entered allmulticast mode [ 43.020056][ T5947] bridge_slave_1: entered promiscuous mode [ 43.042698][ T5948] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.045575][ T5948] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.048423][ T5948] bridge_slave_0: entered allmulticast mode [ 43.051518][ T5948] bridge_slave_0: entered promiscuous mode [ 43.055719][ T5948] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.058599][ T5948] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.061392][ T5948] bridge_slave_1: entered allmulticast mode [ 43.064843][ T5948] bridge_slave_1: entered promiscuous mode [ 43.098881][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.156745][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 43.181737][ T5948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.186609][ T5962] chnl_net:caif_netlink_parms(): no params data found [ 43.206884][ T5947] team0: Port device team_slave_0 added [ 43.224603][ T5948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 43.231952][ T5947] team0: Port device team_slave_1 added [ 43.248444][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.251276][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.254331][ T5949] bridge_slave_0: entered allmulticast mode [ 43.256977][ T5949] bridge_slave_0: entered promiscuous mode [ 43.263020][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.265669][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.267989][ T5949] bridge_slave_1: entered allmulticast mode [ 43.270622][ T5949] bridge_slave_1: entered promiscuous mode [ 43.362246][ T5948] team0: Port device team_slave_0 added [ 43.367609][ T5948] team0: Port device team_slave_1 added [ 43.390440][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.413336][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 43.416477][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.426488][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 43.435174][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 43.455412][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 43.457629][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.465843][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 43.500979][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 43.503257][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.511379][ T5948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 43.515604][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 43.517804][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.525723][ T5948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 43.549714][ T5949] team0: Port device team_slave_0 added [ 43.555989][ T5949] team0: Port device team_slave_1 added [ 43.572405][ T5962] bridge0: port 1(bridge_slave_0) entered blocking state [ 43.577364][ T5962] bridge0: port 1(bridge_slave_0) entered disabled state [ 43.580254][ T5962] bridge_slave_0: entered allmulticast mode [ 43.584214][ T5962] bridge_slave_0: entered promiscuous mode [ 43.589562][ T5962] bridge0: port 2(bridge_slave_1) entered blocking state [ 43.592267][ T5962] bridge0: port 2(bridge_slave_1) entered disabled state [ 43.595252][ T5962] bridge_slave_1: entered allmulticast mode [ 43.597964][ T5962] bridge_slave_1: entered promiscuous mode [ 43.686302][ T5962] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 43.690270][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 43.692480][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.700382][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 43.731096][ T5962] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 43.734695][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 43.736916][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.747745][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 43.755655][ T5947] hsr_slave_0: entered promiscuous mode [ 43.757819][ T5947] hsr_slave_1: entered promiscuous mode [ 43.792802][ T5948] hsr_slave_0: entered promiscuous mode [ 43.795168][ T5948] hsr_slave_1: entered promiscuous mode [ 43.797336][ T5948] debugfs: 'hsr0' already exists in 'hsr' [ 43.799207][ T5948] Cannot create hsr debugfs directory [ 43.851238][ T5962] team0: Port device team_slave_0 added [ 43.898143][ T5962] team0: Port device team_slave_1 added [ 43.920663][ T5949] hsr_slave_0: entered promiscuous mode [ 43.922687][ T5949] hsr_slave_1: entered promiscuous mode [ 43.924823][ T5949] debugfs: 'hsr0' already exists in 'hsr' [ 43.926640][ T5949] Cannot create hsr debugfs directory [ 43.966865][ T5962] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 43.969042][ T5962] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.977014][ T5962] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 43.981225][ T5962] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 43.983406][ T5962] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 43.991365][ T5962] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 44.149928][ T5962] hsr_slave_0: entered promiscuous mode [ 44.152912][ T5962] hsr_slave_1: entered promiscuous mode [ 44.155985][ T5962] debugfs: 'hsr0' already exists in 'hsr' [ 44.158351][ T5962] Cannot create hsr debugfs directory [ 44.322841][ T5947] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 44.328201][ T5947] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 44.332425][ T5947] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 44.340546][ T5947] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 44.364176][ T5949] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 44.369054][ T5949] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 44.373151][ T5949] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 44.377226][ T5949] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 44.412773][ T5948] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 44.417107][ T5948] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 44.424255][ T5948] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 44.439916][ T5948] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 44.484574][ T5962] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 44.488814][ T5962] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 44.492673][ T5962] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 44.497383][ T5962] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 44.512784][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.533722][ T5949] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.540239][ T62] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.542541][ T62] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.558721][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.577973][ T62] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.580820][ T62] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.607359][ T5947] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.612296][ T5948] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.624816][ T5961] Bluetooth: hci1: command tx timeout [ 44.625007][ T5965] Bluetooth: hci0: command tx timeout [ 44.635326][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.637600][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.644659][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.646714][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.651473][ T5962] 8021q: adding VLAN 0 to HW filter on device bond0 [ 44.660156][ T5948] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.667892][ T1243] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.670155][ T1243] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.675835][ T5962] 8021q: adding VLAN 0 to HW filter on device team0 [ 44.683417][ T1243] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.685693][ T1243] bridge0: port 1(bridge_slave_0) entered forwarding state [ 44.692945][ T1243] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.694093][ T5965] Bluetooth: hci2: command tx timeout [ 44.694514][ T5961] Bluetooth: hci3: command tx timeout [ 44.695232][ T1243] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.709375][ T102] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.711648][ T102] bridge0: port 2(bridge_slave_1) entered forwarding state [ 44.742791][ T5947] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 44.779059][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.801863][ T5949] veth0_vlan: entered promiscuous mode [ 44.819176][ T5949] veth1_vlan: entered promiscuous mode [ 44.833844][ T5949] veth0_macvtap: entered promiscuous mode [ 44.839230][ T5949] veth1_macvtap: entered promiscuous mode [ 44.852761][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 44.860051][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 44.872549][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.877830][ T5949] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.880655][ T5949] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.883374][ T5949] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.887779][ T5949] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 44.896578][ T5962] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.930542][ T5948] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 44.957135][ T5947] veth0_vlan: entered promiscuous mode [ 44.960228][ T102] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 44.962540][ T5962] veth0_vlan: entered promiscuous mode [ 44.962888][ T102] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 44.974152][ T5962] veth1_vlan: entered promiscuous mode [ 44.976380][ T5947] veth1_vlan: entered promiscuous mode [ 45.000443][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.002609][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.006381][ T5948] veth0_vlan: entered promiscuous mode [ 45.014822][ T5962] veth0_macvtap: entered promiscuous mode [ 45.023652][ T5947] veth0_macvtap: entered promiscuous mode [ 45.026588][ T5962] veth1_macvtap: entered promiscuous mode [ 45.029577][ T5948] veth1_vlan: entered promiscuous mode [ 45.034539][ T5947] veth1_macvtap: entered promiscuous mode [ 45.040245][ T5949] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 45.046628][ T5962] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.055647][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.059835][ T5962] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.066025][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.076451][ T5962] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.079485][ T5962] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.082172][ T5962] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.085078][ T5962] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.090115][ T5947] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.092845][ T5947] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.096356][ T5947] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.099064][ T5947] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.104662][ T5948] veth0_macvtap: entered promiscuous mode [ 45.116841][ T5948] veth1_macvtap: entered promiscuous mode [ 45.147673][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.148335][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.150246][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.170424][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.172911][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.176438][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.181410][ T5948] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.184370][ T5948] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.187262][ T5948] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.189955][ T5948] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.202804][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.205574][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.214393][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.217088][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.243009][ T62] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.249098][ T62] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.260989][ T62] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 45.267986][ T62] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 45.357254][ T6052] ======================================================= [ 45.357254][ T6052] WARNING: The mand mount option has been deprecated and [ 45.357254][ T6052] and is ignored by this kernel. Remove the mand [ 45.357254][ T6052] option from the mount to silence this warning. [ 45.357254][ T6052] ======================================================= [ 45.476129][ T6057] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 45.603227][ T6059] Zero length message leads to an empty skb [ 46.034049][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 46.036898][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 46.039542][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 46.042112][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 46.045084][ T0] NOHZ tick-stop error: local softirq work is pending, handler #280!!! [ 46.048313][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 46.051304][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 46.074146][ T6065] input: syz0 as /devices/virtual/input/input5 [ 46.594166][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 46.615010][ T0] NOHZ tick-stop error: local softirq work is pending, handler #10!!! [ 46.633976][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 46.634870][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 46.722870][ T5965] Bluetooth: hci0: command tx timeout [ 46.724792][ T5961] Bluetooth: hci1: command tx timeout [ 46.780642][ T5965] Bluetooth: hci2: command tx timeout [ 46.790809][ T5965] Bluetooth: hci3: command tx timeout [ 47.194904][ T6085] bridge_slave_0: left allmulticast mode [ 47.196818][ T6085] bridge_slave_0: left promiscuous mode [ 47.199192][ T6085] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.209218][ T6085] bridge_slave_1: left allmulticast mode [ 47.211031][ T6085] bridge_slave_1: left promiscuous mode [ 47.212867][ T6085] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.237003][ T6085] bond0: (slave bond_slave_0): Releasing backup interface [ 47.241442][ T6085] bond0: (slave bond_slave_1): Releasing backup interface [ 47.249654][ T6085] team0: Port device team_slave_0 removed [ 47.255313][ T6085] team0: Port device team_slave_1 removed [ 47.257577][ T6085] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 47.259993][ T6085] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 47.280226][ T6085] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 47.282591][ T6085] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 47.303295][ T6086] team0: Mode changed to "loadbalance" [ 47.333333][ T6085] vlan0: entered promiscuous mode [ 47.340349][ T6085] team0: Port device vlan0 added [ 47.349372][ T6085] tipc: Started in network mode [ 47.350998][ T6085] tipc: Node identity aaaaaaaaaa1a, cluster identity 4711 [ 47.353355][ T6085] tipc: Enabled bearer , priority 0 [ 47.550553][ T6098] evm: overlay not supported [ 48.484368][ T1325] tipc: Node number set to 11578026 [ 48.774078][ T5965] Bluetooth: hci0: command tx timeout [ 48.783887][ T5965] Bluetooth: hci1: command tx timeout [ 48.854188][ T5961] Bluetooth: hci3: command tx timeout [ 48.855964][ T5961] Bluetooth: hci2: command tx timeout [ 48.981878][ T6112] tipc: Resetting bearer [ 49.087729][ T6112] vlan0: left promiscuous mode [ 49.139052][ T6112] netdevsim netdevsim0 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.141874][ T6112] netdevsim netdevsim0 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.144836][ T6112] netdevsim netdevsim0 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.147655][ T6112] netdevsim netdevsim0 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.226144][ T6113] 9p: Unknown Cache mode or invalid value fscach [ 49.614105][ T40] audit: type=1326 audit(1753847812.133:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6114 comm="syz.3.20" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fb5579 code=0x7fc00000 [ 49.726463][ T6121] netlink: 24 bytes leftover after parsing attributes in process `syz.3.20'. [ 50.190331][ T40] audit: type=1326 audit(1753847812.713:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6114 comm="syz.3.20" exe="/syz-executor" sig=0 arch=40000003 syscall=54 compat=1 ip=0xf7fb5579 code=0x7fc00000 [ 50.768666][ T6151] netlink: 48 bytes leftover after parsing attributes in process `syz.3.28'. [ 50.854290][ T5965] Bluetooth: hci1: command tx timeout [ 50.856406][ T5965] Bluetooth: hci0: command tx timeout [ 50.944263][ T5965] Bluetooth: hci3: command tx timeout [ 50.947023][ T5961] Bluetooth: hci2: command tx timeout [ 51.335283][ T6170] tipc: Enabled bearer , priority 0 [ 51.338001][ T6170] syzkaller0: entered promiscuous mode [ 51.339809][ T6170] syzkaller0: entered allmulticast mode [ 51.362523][ T6170] tipc: Resetting bearer [ 51.366455][ T6169] tipc: Resetting bearer [ 51.376646][ T6169] tipc: Disabling bearer [ 53.268257][ T6208] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(5) [ 53.270700][ T6208] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 53.303126][ T6208] vhci_hcd vhci_hcd.0: Device attached [ 53.553900][ T29] usb 38-1: SetAddress Request (2) to port 0 [ 53.556234][ T29] usb 38-1: new SuperSpeed USB device number 2 using vhci_hcd [ 54.555502][ T6209] vhci_hcd: connection reset by peer [ 54.565034][ T1139] vhci_hcd: stop threads [ 54.566693][ T1139] vhci_hcd: release socket [ 54.569093][ T1139] vhci_hcd: disconnect device [ 55.219790][ T6241] kvm: vcpu 0: requested 128 ns lapic timer period limited to 200000 ns [ 55.231013][ T6241] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (200000 ns). Using initial count to start timer. [ 55.555131][ T6249] netlink: 12 bytes leftover after parsing attributes in process `syz.2.57'. [ 55.989959][ T6258] netlink: 4 bytes leftover after parsing attributes in process `syz.1.59'. [ 56.176623][ T6261] netlink: 4 bytes leftover after parsing attributes in process `syz.0.60'. [ 56.808477][ T6278] bond0: (slave lo): enslaved VLAN challenged slave. Adding VLANs will be blocked as long as it is part of bond. [ 56.812134][ T6278] bond0: (slave lo): Error: Device can not be enslaved while up [ 56.817291][ T6278] Bluetooth: MGMT ver 1.23 [ 56.954987][ T6280] netlink: 144 bytes leftover after parsing attributes in process `syz.1.66'. [ 57.255815][ T6286] warning: `syz.0.69' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 58.623958][ T29] usb 38-1: device descriptor read/8, error -110 [ 59.024435][ T29] usb usb38-port1: attempt power cycle [ 59.676066][ T29] usb usb38-port1: unable to enumerate USB device [ 60.041917][ T6359] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(10) [ 60.044072][ T6359] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 60.046689][ T6359] vhci_hcd vhci_hcd.0: Device attached [ 60.304069][ T10] usb 43-1: new high-speed USB device number 2 using vhci_hcd [ 60.899375][ T6362] vhci_hcd: connection reset by peer [ 60.901324][ T75] vhci_hcd: stop threads [ 60.902989][ T75] vhci_hcd: release socket [ 60.905059][ T75] vhci_hcd: disconnect device [ 61.546111][ T6408] team0: Port device vlan0 removed [ 61.577477][ T6410] syz.3.84: vmalloc error: size 8589938688, exceeds total pages, mode:0xdc0(GFP_KERNEL|__GFP_ZERO), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 61.583582][ T6410] CPU: 0 UID: 0 PID: 6410 Comm: syz.3.84 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 61.583605][ T6410] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 61.583612][ T6410] Call Trace: [ 61.583617][ T6410] [ 61.583622][ T6410] dump_stack_lvl+0x16c/0x1f0 [ 61.583640][ T6410] warn_alloc+0x248/0x3a0 [ 61.583654][ T6410] ? __pfx_warn_alloc+0x10/0x10 [ 61.583665][ T6410] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 61.583680][ T6410] ? stack_depot_save_flags+0x3e0/0xa40 [ 61.583698][ T6410] ? kasan_save_stack+0x42/0x60 [ 61.583710][ T6410] ? kasan_save_stack+0x33/0x60 [ 61.583721][ T6410] ? kasan_save_track+0x14/0x30 [ 61.583733][ T6410] ? xskq_create+0x52/0x1d0 [ 61.583744][ T6410] ? xsk_setsockopt+0x640/0x840 [ 61.583753][ T6410] ? do_sock_setsockopt+0xf0/0x1d0 [ 61.583773][ T6410] ? xskq_create+0xfb/0x1d0 [ 61.583785][ T6410] __vmalloc_node_range_noprof+0xff5/0x14b0 [ 61.583822][ T6410] ? xskq_create+0xfb/0x1d0 [ 61.583838][ T6410] ? __pfx___vmalloc_node_range_noprof+0x10/0x10 [ 61.583862][ T6410] ? xskq_create+0xfb/0x1d0 [ 61.583874][ T6410] vmalloc_user_noprof+0x9e/0xe0 [ 61.583891][ T6410] ? xskq_create+0xfb/0x1d0 [ 61.583904][ T6410] xskq_create+0xfb/0x1d0 [ 61.583918][ T6410] xsk_setsockopt+0x640/0x840 [ 61.583931][ T6410] ? __pfx_xsk_setsockopt+0x10/0x10 [ 61.583942][ T6410] ? __pfx_aa_sk_perm+0x10/0x10 [ 61.583960][ T6410] ? __fget_files+0x204/0x3c0 [ 61.583973][ T6410] ? __pfx_xsk_setsockopt+0x10/0x10 [ 61.583984][ T6410] do_sock_setsockopt+0xf0/0x1d0 [ 61.584003][ T6410] __sys_setsockopt+0x120/0x1a0 [ 61.584019][ T6410] __ia32_sys_setsockopt+0xbc/0x160 [ 61.584032][ T6410] ? lockdep_hardirqs_on+0x7c/0x110 [ 61.584058][ T6410] ? syscall_enter_from_user_mode_prepare+0x68/0xe0 [ 61.584073][ T6410] __do_fast_syscall_32+0x7c/0x3a0 [ 61.584088][ T6410] do_fast_syscall_32+0x32/0x80 [ 61.584103][ T6410] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 61.584116][ T6410] RIP: 0023:0xf7fb5579 [ 61.584125][ T6410] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 61.584145][ T6410] RSP: 002b:00000000f50d655c EFLAGS: 00000296 ORIG_RAX: 000000000000016e [ 61.584157][ T6410] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 000000000000011b [ 61.584164][ T6410] RDX: 0000000000000006 RSI: 0000000080000000 RDI: 0000000000000004 [ 61.584171][ T6410] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 61.584177][ T6410] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 61.584184][ T6410] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 61.584198][ T6410] [ 61.675760][ T6410] Mem-Info: [ 61.676962][ T6410] active_anon:8818 inactive_anon:0 isolated_anon:0 [ 61.676962][ T6410] active_file:1253 inactive_file:42906 isolated_file:0 [ 61.676962][ T6410] unevictable:3801 dirty:3618 writeback:0 [ 61.676962][ T6410] slab_reclaimable:10165 slab_unreclaimable:53477 [ 61.676962][ T6410] mapped:27238 shmem:5267 pagetables:1048 [ 61.676962][ T6410] sec_pagetables:301 bounce:0 [ 61.676962][ T6410] kernel_misc_reclaimable:0 [ 61.676962][ T6410] free:48934 free_pcp:11530 free_cma:0 [ 61.690636][ T6411] netlink: 4 bytes leftover after parsing attributes in process `syz.3.84'. [ 61.691706][ T6410] Node 0 active_anon:2380kB inactive_anon:0kB active_file:4kB inactive_file:14740kB unevictable:3536kB isolated(anon):0kB isolated(file):0kB mapped:8068kB dirty:12kB writeback:0kB shmem:3988kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:7952kB pagetables:1164kB sec_pagetables:1128kB all_unreclaimable? yes Balloon:0kB [ 61.704315][ T6410] Node 1 active_anon:32892kB inactive_anon:0kB active_file:5008kB inactive_file:156884kB unevictable:11668kB isolated(anon):0kB isolated(file):0kB mapped:100884kB dirty:14460kB writeback:0kB shmem:17080kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:6144kB writeback_tmp:0kB kernel_stack:4992kB pagetables:3028kB sec_pagetables:76kB all_unreclaimable? no Balloon:0kB [ 61.715634][ T6410] Node 0 DMA free:2584kB boost:2048kB min:2808kB low:2996kB high:3184kB reserved_highatomic:0KB free_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:656kB local_pcp:232kB free_cma:0kB [ 61.726307][ T6410] lowmem_reserve[]: 0 288 288 288 288 [ 61.728317][ T6410] Node 0 DMA32 free:17536kB boost:0kB min:13220kB low:16524kB high:19828kB reserved_highatomic:4096KB free_highatomic:1052KB active_anon:2380kB inactive_anon:0kB active_file:4kB inactive_file:14740kB unevictable:3536kB writepending:12kB present:1032196kB managed:295668kB mlocked:0kB bounce:0kB free_pcp:13948kB local_pcp:3968kB free_cma:0kB [ 61.738892][ T6410] lowmem_reserve[]: 0 0 0 0 0 [ 61.741021][ T6410] Node 1 DMA32 free:175116kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB free_highatomic:0KB active_anon:32992kB inactive_anon:0kB active_file:5008kB inactive_file:156884kB unevictable:11668kB writepending:14460kB present:1048432kB managed:948284kB mlocked:8192kB bounce:0kB free_pcp:31344kB local_pcp:1048kB free_cma:0kB [ 61.752119][ T6410] lowmem_reserve[]: 0 0 0 0 0 [ 61.754239][ T6410] Node 0 DMA: 88*4kB (UE) 21*8kB (UE) 9*16kB (UE) 8*32kB (UE) 2*64kB (UE) 0*128kB 0*256kB 1*512kB (E) 1*1024kB (E) 0*2048kB 0*4096kB = 2584kB [ 61.759562][ T6410] Node 0 DMA32: 350*4kB (UMEH) 91*8kB (UMEH) 19*16kB (MEH) 228*32kB (UH) 84*64kB (UEH) 11*128kB (UMH) 4*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 17536kB [ 61.774106][ T6410] Node 1 DMA32: 3*4kB (ME) 3*8kB (ME) 5*16kB (UME) 39*32kB (UME) 74*64kB (UME) 74*128kB (UME) 28*256kB (UME) 17*512kB (ME) 14*1024kB (UME) 1*2048kB (M) 31*4096kB (M) = 174804kB [ 61.781473][ T6410] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 61.785492][ T6410] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 61.789443][ T6410] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 61.793334][ T6410] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 61.797240][ T6410] 49422 total pagecache pages [ 61.799205][ T6410] 0 pages in swap cache [ 61.800961][ T6410] Free swap = 124996kB [ 61.802763][ T6410] Total swap = 124996kB [ 61.804420][ T6410] 524155 pages RAM [ 61.806199][ T6410] 0 pages HighMem/MovableOnly [ 61.808224][ T6410] 209327 pages reserved [ 61.810011][ T6410] 0 pages cma reserved [ 62.221718][ T6398] Set syz1 is full, maxelem 65536 reached [ 62.397001][ T6436] tipc: Started in network mode [ 62.398616][ T6436] tipc: Node identity cacd2bd00c8a, cluster identity 4711 [ 62.401116][ T6436] tipc: Enabled bearer , priority 0 [ 62.407392][ T6436] syzkaller0: entered promiscuous mode [ 62.409333][ T6436] syzkaller0: entered allmulticast mode [ 62.434747][ T6436] tipc: Resetting bearer [ 62.440187][ T6435] tipc: Resetting bearer [ 62.480387][ T6435] tipc: Disabling bearer [ 62.798046][ T6440] netlink: 4 bytes leftover after parsing attributes in process `syz.1.91'. [ 63.127579][ T6444] netlink: 'syz.1.92': attribute type 1 has an invalid length. [ 63.191198][ T6444] bond1: (slave vxcan3): The slave device specified does not support setting the MAC address [ 63.210513][ T6444] bond1: (slave vxcan3): Error -95 calling set_mac_address [ 63.278330][ T6447] gretap1: entered promiscuous mode [ 63.281403][ T6447] bond1: (slave gretap1): making interface the new active one [ 63.295833][ T6447] bond1: (slave gretap1): Enslaving as an active interface with an up link [ 63.329857][ T6444] macvlan2: entered promiscuous mode [ 63.331641][ T6444] macvlan2: entered allmulticast mode [ 63.333727][ T6444] bond1: entered promiscuous mode [ 63.338101][ T6444] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 63.364968][ T6444] bond1: (slave macvlan2): the slave hw address is in use by the bond; giving it the hw address of gretap1 [ 63.384998][ T6444] bond1: left promiscuous mode [ 63.873949][ T6460] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 63.876027][ T6460] vhci_hcd vhci_hcd.0: devid(0) speed(6) speed_str(super-speed-plus) [ 63.881961][ T6460] vhci_hcd vhci_hcd.0: Device attached [ 64.222993][ T6464] vhci_hcd: connection closed [ 64.224387][ T12] vhci_hcd: stop threads [ 64.227459][ T12] vhci_hcd: release socket [ 64.229363][ T12] vhci_hcd: disconnect device [ 64.428722][ T6472] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 65.198389][ T6482] netlink: 'syz.0.99': attribute type 10 has an invalid length. [ 65.204096][ T6482] netlink: 'syz.0.99': attribute type 10 has an invalid length. [ 65.206615][ T6482] netlink: 2 bytes leftover after parsing attributes in process `syz.0.99'. [ 65.214198][ T6482] team0: entered promiscuous mode [ 65.216964][ T6482] 8021q: adding VLAN 0 to HW filter on device team0 [ 65.219268][ T6482] bridge0: port 1(team0) entered blocking state [ 65.221634][ T6482] bridge0: port 1(team0) entered disabled state [ 65.231905][ T6482] team0: entered allmulticast mode [ 65.364611][ T6484] netlink: 'syz.1.102': attribute type 4 has an invalid length. [ 65.403984][ T10] vhci_hcd: vhci_device speed not set [ 66.468742][ T6507] ptrace attach of "/syz-executor exec"[5947] was attempted by "/syz-executor exec"[6507] [ 67.066178][ T5989] usb usb44-port1: attempt power cycle [ 67.203583][ T6515] netlink: 4 bytes leftover after parsing attributes in process `syz.3.110'. [ 67.438169][ T6520] netlink: 4 bytes leftover after parsing attributes in process `syz.3.111'. [ 67.440944][ T6520] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 67.469867][ T6520] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 67.796378][ T5989] usb usb44-port1: unable to enumerate USB device [ 68.531510][ T6548] binder_alloc: 6545: binder_alloc_buf, no vma [ 70.294550][ T6570] netlink: 'syz.3.125': attribute type 4 has an invalid length. [ 70.348644][ T6576] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.421185][ T6577] debugfs: 'ttyS3' already exists in 'caif_serial' [ 70.429894][ T6576] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.545454][ T6576] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.750215][ T6576] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 70.859753][ T1417] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.862018][ T1417] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.921297][ T6576] netdevsim netdevsim2 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.964069][ T6576] netdevsim netdevsim2 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 70.995102][ T6576] netdevsim netdevsim2 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.010234][ T6576] netdevsim netdevsim2 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 71.233485][ T1417] ================================================================== [ 71.236096][ T1417] BUG: KASAN: slab-use-after-free in handle_tx+0x5a5/0x630 [ 71.238375][ T1417] Read of size 8 at addr ffff88806a61f020 by task aoe_tx0/1417 [ 71.241680][ T1417] [ 71.242831][ T1417] CPU: 0 UID: 0 PID: 1417 Comm: aoe_tx0 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 71.242846][ T1417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 71.242853][ T1417] Call Trace: [ 71.242857][ T1417] [ 71.242862][ T1417] dump_stack_lvl+0x116/0x1f0 [ 71.242879][ T1417] print_report+0xcd/0x630 [ 71.242893][ T1417] ? __virt_addr_valid+0x81/0x610 [ 71.242906][ T1417] ? __phys_addr+0xe8/0x180 [ 71.242918][ T1417] ? handle_tx+0x5a5/0x630 [ 71.242934][ T1417] kasan_report+0xe0/0x110 [ 71.242948][ T1417] ? handle_tx+0x5a5/0x630 [ 71.242965][ T1417] handle_tx+0x5a5/0x630 [ 71.242983][ T1417] dev_hard_start_xmit+0x97/0x740 [ 71.242998][ T1417] __dev_queue_xmit+0x7eb/0x43e0 [ 71.243012][ T1417] ? irqentry_exit+0x21/0x90 [ 71.243026][ T1417] ? __pfx___dev_queue_xmit+0x10/0x10 [ 71.243039][ T1417] ? __lock_acquire+0xb8a/0x1c90 [ 71.243059][ T1417] ? __lock_acquire+0xb8a/0x1c90 [ 71.243076][ T1417] ? do_raw_spin_lock+0x12c/0x2b0 [ 71.243086][ T1417] ? find_held_lock+0x2b/0x80 [ 71.243099][ T1417] ? skb_dequeue+0x126/0x180 [ 71.243109][ T1417] ? find_held_lock+0x2b/0x80 [ 71.243121][ T1417] ? rcu_is_watching+0x12/0xc0 [ 71.243134][ T1417] tx+0xcc/0x190 [ 71.243144][ T1417] ? __pfx_tx+0x10/0x10 [ 71.243153][ T1417] kthread+0x1e4/0x3e0 [ 71.243169][ T1417] ? find_held_lock+0x2b/0x80 [ 71.243180][ T1417] ? __pfx_kthread+0x10/0x10 [ 71.243195][ T1417] ? __pfx_default_wake_function+0x10/0x10 [ 71.243208][ T1417] ? lockdep_hardirqs_on+0x7c/0x110 [ 71.243222][ T1417] ? __kthread_parkme+0x19e/0x250 [ 71.243236][ T1417] ? __pfx_kthread+0x10/0x10 [ 71.243251][ T1417] kthread+0x3c2/0x780 [ 71.243268][ T1417] ? __pfx_kthread+0x10/0x10 [ 71.243284][ T1417] ? rcu_is_watching+0x12/0xc0 [ 71.243296][ T1417] ? __pfx_kthread+0x10/0x10 [ 71.243312][ T1417] ret_from_fork+0x5d7/0x6f0 [ 71.243328][ T1417] ? __pfx_kthread+0x10/0x10 [ 71.243344][ T1417] ret_from_fork_asm+0x1a/0x30 [ 71.243360][ T1417] [ 71.243364][ T1417] [ 71.306000][ T1417] Allocated by task 6577: [ 71.307364][ T1417] kasan_save_stack+0x33/0x60 [ 71.308858][ T1417] kasan_save_track+0x14/0x30 [ 71.310354][ T1417] __kasan_kmalloc+0xaa/0xb0 [ 71.311819][ T1417] alloc_tty_struct+0x96/0x8c0 [ 71.313333][ T1417] tty_init_dev.part.0+0x1e/0x500 [ 71.314930][ T1417] tty_open+0xa50/0xf90 [ 71.316256][ T1417] chrdev_open+0x234/0x6a0 [ 71.317668][ T1417] do_dentry_open+0x744/0x1c10 [ 71.319208][ T1417] vfs_open+0x82/0x3f0 [ 71.320501][ T1417] path_openat+0x1de4/0x2cb0 [ 71.321976][ T1417] do_filp_open+0x20b/0x470 [ 71.323427][ T1417] do_sys_openat2+0x11b/0x1d0 [ 71.324912][ T1417] __ia32_compat_sys_openat+0x16d/0x210 [ 71.326655][ T1417] __do_fast_syscall_32+0x7c/0x3a0 [ 71.328283][ T1417] do_fast_syscall_32+0x32/0x80 [ 71.329819][ T1417] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 71.331820][ T1417] [ 71.332595][ T1417] Freed by task 6658: [ 71.333873][ T1417] kasan_save_stack+0x33/0x60 [ 71.335379][ T1417] kasan_save_track+0x14/0x30 [ 71.336864][ T1417] kasan_save_free_info+0x3b/0x60 [ 71.338451][ T1417] __kasan_slab_free+0x51/0x70 [ 71.339962][ T1417] kfree+0x2b4/0x4d0 [ 71.341201][ T1417] process_one_work+0x9cf/0x1b70 [ 71.342768][ T1417] worker_thread+0x6c8/0xf10 [ 71.344225][ T1417] kthread+0x3c2/0x780 [ 71.345523][ T1417] ret_from_fork+0x5d7/0x6f0 [ 71.347200][ T1417] ret_from_fork_asm+0x1a/0x30 [ 71.348853][ T1417] [ 71.349611][ T1417] Last potentially related work creation: [ 71.351483][ T1417] kasan_save_stack+0x33/0x60 [ 71.353025][ T1417] kasan_record_aux_stack+0xa7/0xc0 [ 71.354747][ T1417] insert_work+0x36/0x230 [ 71.356115][ T1417] __queue_work+0x97e/0x10f0 [ 71.357572][ T1417] queue_work_on+0x1a4/0x1f0 [ 71.359032][ T1417] release_tty+0x4de/0x5d0 [ 71.360463][ T1417] tty_release_struct+0xb7/0xe0 [ 71.362008][ T1417] tty_release+0xe2d/0x1430 [ 71.363447][ T1417] __fput+0x3ff/0xb70 [ 71.364720][ T1417] task_work_run+0x150/0x240 [ 71.366202][ T1417] exit_to_user_mode_loop+0xeb/0x110 [ 71.367863][ T1417] __do_fast_syscall_32+0x2ac/0x3a0 [ 71.369427][ T1417] do_fast_syscall_32+0x32/0x80 [ 71.370938][ T1417] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 71.372910][ T1417] [ 71.373683][ T1417] The buggy address belongs to the object at ffff88806a61f000 [ 71.373683][ T1417] which belongs to the cache kmalloc-cg-2k of size 2048 [ 71.378083][ T1417] The buggy address is located 32 bytes inside of [ 71.378083][ T1417] freed 2048-byte region [ffff88806a61f000, ffff88806a61f800) [ 71.382283][ T1417] [ 71.383055][ T1417] The buggy address belongs to the physical page: [ 71.385052][ T1417] page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6a618 [ 71.387780][ T1417] head: order:3 mapcount:0 entire_mapcount:0 nr_pages_mapped:0 pincount:0 [ 71.390438][ T1417] memcg:ffff88806919b501 [ 71.391783][ T1417] anon flags: 0x4fff00000000040(head|node=1|zone=1|lastcpupid=0x7ff) [ 71.394288][ T1417] page_type: f5(slab) [ 71.395555][ T1417] raw: 04fff00000000040 ffff88801b84c140 0000000000000000 0000000000000001 [ 71.398225][ T1417] raw: 0000000000000000 0000000080080008 00000000f5000000 ffff88806919b501 [ 71.400862][ T1417] head: 04fff00000000040 ffff88801b84c140 0000000000000000 0000000000000001 [ 71.403546][ T1417] head: 0000000000000000 0000000080080008 00000000f5000000 ffff88806919b501 [ 71.406238][ T1417] head: 04fff00000000003 ffffea0001a98601 00000000ffffffff 00000000ffffffff [ 71.408915][ T1417] head: ffffffffffffffff 0000000000000000 00000000ffffffff 0000000000000008 [ 71.411629][ T1417] page dumped because: kasan: bad access detected [ 71.413622][ T1417] page_owner tracks the page as allocated [ 71.415400][ T1417] page last allocated via order 3, migratetype Unmovable, gfp_mask 0xd20c0(__GFP_IO|__GFP_FS|__GFP_NOWARN|__GFP_NORETRY|__GFP_COMP|__GFP_NOMEMALLOC), pid 5948, tgid 5948 (syz-executor), ts 43402176676, free_ts 0 [ 71.421636][ T1417] post_alloc_hook+0x1c0/0x230 [ 71.423156][ T1417] get_page_from_freelist+0x1321/0x3890 [ 71.424884][ T1417] __alloc_frozen_pages_noprof+0x261/0x23f0 [ 71.426750][ T1417] alloc_pages_mpol+0x1fb/0x550 [ 71.428285][ T1417] new_slab+0x23b/0x330 [ 71.429602][ T1417] ___slab_alloc+0xd9c/0x1940 [ 71.431106][ T1417] __slab_alloc.constprop.0+0x56/0xb0 [ 71.432785][ T1417] __kmalloc_node_track_caller_noprof+0x2ee/0x510 [ 71.434786][ T1417] kmemdup_noprof+0x29/0x60 [ 71.436228][ T1417] neigh_sysctl_register+0xb2/0x670 [ 71.437872][ T1417] addrconf_sysctl_register+0xb9/0x1f0 [ 71.439605][ T1417] ipv6_add_dev+0xb39/0x15f0 [ 71.441068][ T1417] addrconf_notify+0x53e/0x19e0 [ 71.442632][ T1417] notifier_call_chain+0xbc/0x410 [ 71.444219][ T1417] call_netdevice_notifiers_info+0xbe/0x140 [ 71.446112][ T1417] register_netdevice+0x182e/0x2270 [ 71.447769][ T1417] page_owner free stack trace missing [ 71.449444][ T1417] [ 71.450229][ T1417] Memory state around the buggy address: [ 71.451990][ T1417] ffff88806a61ef00: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 71.454466][ T1417] ffff88806a61ef80: fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc fc [ 71.456881][ T1417] >ffff88806a61f000: fa fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 71.459374][ T1417] ^ [ 71.461000][ T1417] ffff88806a61f080: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 71.463510][ T1417] ffff88806a61f100: fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb fb [ 71.466007][ T1417] ================================================================== [ 71.468624][ T1417] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 71.470868][ T1417] CPU: 0 UID: 0 PID: 1417 Comm: aoe_tx0 Not tainted 6.16.0-syzkaller-00857-gced1b9e0392d #0 PREEMPT(full) [ 71.474396][ T1417] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 71.477811][ T1417] Call Trace: [ 71.478839][ T1417] [ 71.479949][ T1417] dump_stack_lvl+0x3d/0x1f0 [ 71.481536][ T1417] panic+0x71c/0x800 [ 71.482803][ T1417] ? __pfx_panic+0x10/0x10 [ 71.484234][ T1417] ? irqentry_exit+0x3b/0x90 [ 71.485637][ T1417] ? lockdep_hardirqs_on+0x7c/0x110 [ 71.487273][ T1417] ? handle_tx+0x5a5/0x630 [ 71.488689][ T1417] ? check_panic_on_warn+0x1f/0xb0 [ 71.490355][ T1417] ? handle_tx+0x5a5/0x630 [ 71.491786][ T1417] check_panic_on_warn+0xab/0xb0 [ 71.493353][ T1417] end_report+0x107/0x170 [ 71.494753][ T1417] kasan_report+0xee/0x110 [ 71.496193][ T1417] ? handle_tx+0x5a5/0x630 [ 71.497605][ T1417] handle_tx+0x5a5/0x630 [ 71.498975][ T1417] dev_hard_start_xmit+0x97/0x740 [ 71.500575][ T1417] __dev_queue_xmit+0x7eb/0x43e0 [ 71.502175][ T1417] ? irqentry_exit+0x21/0x90 [ 71.503643][ T1417] ? __pfx___dev_queue_xmit+0x10/0x10 [ 71.505337][ T1417] ? __lock_acquire+0xb8a/0x1c90 [ 71.506911][ T1417] ? __lock_acquire+0xb8a/0x1c90 [ 71.508490][ T1417] ? do_raw_spin_lock+0x12c/0x2b0 [ 71.510097][ T1417] ? find_held_lock+0x2b/0x80 [ 71.511595][ T1417] ? skb_dequeue+0x126/0x180 [ 71.513052][ T1417] ? find_held_lock+0x2b/0x80 [ 71.514550][ T1417] ? rcu_is_watching+0x12/0xc0 [ 71.516066][ T1417] tx+0xcc/0x190 [ 71.517202][ T1417] ? __pfx_tx+0x10/0x10 [ 71.518520][ T1417] kthread+0x1e4/0x3e0 [ 71.519800][ T1417] ? find_held_lock+0x2b/0x80 [ 71.521284][ T1417] ? __pfx_kthread+0x10/0x10 [ 71.522760][ T1417] ? __pfx_default_wake_function+0x10/0x10 [ 71.524582][ T1417] ? lockdep_hardirqs_on+0x7c/0x110 [ 71.526228][ T1417] ? __kthread_parkme+0x19e/0x250 [ 71.527809][ T1417] ? __pfx_kthread+0x10/0x10 [ 71.529271][ T1417] kthread+0x3c2/0x780 [ 71.530572][ T1417] ? __pfx_kthread+0x10/0x10 [ 71.532036][ T1417] ? rcu_is_watching+0x12/0xc0 [ 71.533548][ T1417] ? __pfx_kthread+0x10/0x10 [ 71.535029][ T1417] ret_from_fork+0x5d7/0x6f0 [ 71.536513][ T1417] ? __pfx_kthread+0x10/0x10 [ 71.538086][ T1417] ret_from_fork_asm+0x1a/0x30 [ 71.539612][ T1417] [ 71.541316][ T1417] Kernel Offset: disabled [ 71.542701][ T1417] Rebooting in 86400 seconds.. VM DIAGNOSIS: 03:57:13 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000061 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff855d3965 RDI=ffffffff9b0c6840 RBP=ffffffff9b0c6800 RSP=ffffc9000751f458 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=20666f2064616552 R12=0000000000000000 R13=0000000000000061 R14=ffffffff9b0c6800 R15=ffffffff855d3900 RIP=ffffffff855d398f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097506000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002f904ff8 CR3=000000004f5ef000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000d000000000 0000000300000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=1ffff11004714118 RBX=ffff88802473b200 RCX=0000000000000000 RDX=dffffc0000000000 RSI=ffffffff849e08f6 RDI=ffff88802473b280 RBP=dffffc0000000000 RSP=ffffc900237af750 R8 =0000000000000003 R9 =0000000000000005 R10=0000000000000002 R11=0000000000000001 R12=ffff888051ef0600 R13=1ffff920046f5ef6 R14=ffff8880238a08c0 R15=ffff88806a90dac0 RIP=ffffffff849e096c RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097606000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000080030000 CR3=000000006d40b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000d000000000 0000000300000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=ffff88802b23a400 RCX=0000000000000100 RDX=0000000000000001 RSI=0000000000000002 RDI=ffff88802b23a402 RBP=dffffc0000000000 RSP=ffffc90020e9f4a0 R8 =0000000000000001 R9 =ffff88802b43b394 R10=ffff88802b23a403 R11=0000000000000001 R12=0000000000007f82 R13=0000000000000000 R14=ffff88802b43b380 R15=ffffed1005647480 RIP=ffffffff8b8bddba RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097706000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002fa00ffc CR3=000000006d40b000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73c4ff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000000ab5f5 RBX=0000000000000003 RCX=ffffffff8b892c69 RDX=0000000000000000 RSI=ffffffff8de2fe9c RDI=ffffffff8c15a9e0 RBP=ffffed100386a000 RSP=ffffc9000048fdf8 R8 =0000000000000001 R9 =ffffed10056a6645 R10=ffff88802b53322b R11=0000000000000001 R12=0000000000000003 R13=ffff88801c350000 R14=ffffffff90a97b50 R15=0000000000000000 RIP=ffffffff8b8917cf RFL=00000286 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097806000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002f7deffc CR3=000000006500a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000003000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000