last executing test programs: 5.345210813s ago: executing program 0 (id=274): r0 = syz_open_procfs(0x0, &(0x7f0000000080)='net/ip_mr_cache\x00') r1 = timerfd_create(0x0, 0x0) close(r1) fremovexattr(r1, &(0x7f0000000080)=@known='user.syz\x00') syz_open_dev$mouse(&(0x7f0000000280), 0xaa, 0x4000) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=ANY=[@ANYBLOB="050000006000000043ebffff0000000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x50) r3 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000140), 0xffffffffffffffff) sendmsg$NL802154_CMD_GET_SEC_KEY(0xffffffffffffffff, &(0x7f0000000240)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x11300000}, 0xc, &(0x7f00000001c0)={&(0x7f0000000180)={0x20, r3, 0x100, 0x70bd27, 0x25dfdbfe, {}, [@NL802154_ATTR_WPAN_DEV={0xc, 0x6, 0x3}]}, 0x20}, 0x1, 0x0, 0x0, 0x10}, 0x40010) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000600), &(0x7f0000001600), 0x1, r2}, 0x38) r4 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x1}]}) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, 0x0, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) r5 = openat$vicodec0(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) prctl$PR_SET_MM_MAP(0x23, 0xe, &(0x7f00000001c0)={&(0x7f0000fea000/0x14000)=nil, &(0x7f0000fec000/0x4000)=nil, &(0x7f0000ff3000/0x1000)=nil, &(0x7f0000ffa000/0x1000)=nil, &(0x7f0000ff5000/0x3000)=nil, &(0x7f0000ffa000/0x3000)=nil, &(0x7f0000ff0000/0x4000)=nil, &(0x7f0000fec000/0x14000)=nil, &(0x7f0000ffc000/0x1000)=nil, &(0x7f0000ffb000/0x3000)=nil, &(0x7f0000fff000/0x1000)=nil, &(0x7f00000000c0)="aa", 0x1, r5}, 0x68) bpf$BPF_GET_PROG_INFO(0x15, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_AUTH_CHUNK(0xffffffffffffffff, 0x84, 0x85, 0x0, 0x0) read$FUSE(r0, &(0x7f00000000c0)={0x2020}, 0x2020) 4.910138576s ago: executing program 1 (id=279): openat$sndseq(0xffffffffffffff9c, 0x0, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f0000000040)={0x0, 0x0, 0x0}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r2 = syz_open_dev$MSR(&(0x7f0000000500), 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) iopl(0x3) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) r4 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) ioctl$VHOST_SET_FEATURES(r4, 0x4008af00, &(0x7f0000000080)=0x200000000) preadv(r4, &(0x7f0000000600)=[{&(0x7f0000000280)=""/117, 0x75}], 0x1, 0x0, 0x0) 4.475892668s ago: executing program 0 (id=282): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x8, &(0x7f00000000c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0x80a, 0x7}, {0x2, 0x2, 0xf, 0x7}, {0x0, 0x5, 0x5, 0x9}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='kmem_cache_free\x00'}, 0x10) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0x5d6ce95464e2c335, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x58, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0xfffffffffffffd04, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) openat$ttyprintk(0xffffff9c, &(0x7f0000000000), 0x80, 0x0) signalfd4(0xffffffffffffffff, &(0x7f0000000140), 0x8, 0x0) 3.818418963s ago: executing program 2 (id=283): socket$alg(0x26, 0x5, 0x0) syz_io_uring_setup(0xd1, 0x0, 0x0, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000240), 0xffffffffffffffff) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) sched_setaffinity(0x0, 0x0, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, 0x0, 0x0) chdir(&(0x7f0000000480)='./file0\x00') iopl(0x3) r1 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) mq_timedreceive(0xffffffffffffffff, &(0x7f0000000340)=""/221, 0xdd, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) futex(&(0x7f000000cffc), 0x0, 0x0, 0x0, 0x0, 0x0) 3.723898747s ago: executing program 1 (id=284): openat$vcsa(0xffffff9c, 0x0, 0xc0c00, 0x0) ppoll(0x0, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) mprotect(&(0x7f0000ffe000/0x2000)=nil, 0x2000, 0x0) bind$vsock_stream(0xffffffffffffffff, 0x0, 0x0) r2 = mmap$KVM_VCPU(&(0x7f0000ffb000/0x2000)=nil, 0x930, 0x1000002, 0x4018831, 0xffffffffffffffff, 0x0) r3 = userfaultfd(0x80801) ioctl$UFFDIO_API(r3, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r3, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000ffc000/0x1000)=nil, 0x1000}, 0x3}) syz_memcpy_off$KVM_EXIT_HYPERCALL(r2, 0x20, &(0x7f0000000180)="5e73663bf4082f7c6cbecbf09d6dd7be5a06dfd64563f329c16f799d1836bfc45a7badc8faed24bb77c848723a43602d1fe0d236c062e105ec77ffd00fb243c3111dda42112650cc", 0x0, 0xfe2a) ioctl$UFFDIO_UNREGISTER(r3, 0x8010aa01, &(0x7f0000000000)={&(0x7f0000ffc000/0x3000)=nil, 0x3000}) 3.538795424s ago: executing program 0 (id=286): r0 = openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = socket$alg(0x26, 0x5, 0x0) bind$alg(r1, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'kw(seed-generic)\x00'}, 0x58) accept4(r1, 0x0, 0x0, 0x0) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x40241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000200)={'syzkaller1\x00', 0xc201}) r3 = socket$kcm(0x2, 0xa, 0x2) ioctl$SIOCSIFHWADDR(r3, 0x8914, &(0x7f0000000180)={'syzkaller1\x00', @link_local}) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) lseek(r0, 0x1, 0x0) socket$netlink(0x10, 0x3, 0x14) r4 = socket$kcm(0x10, 0x2, 0x0) syz_genetlink_get_family_id$tipc(&(0x7f0000000800), 0xffffffffffffffff) r5 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r5}, 0x10) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$kcm(r4, &(0x7f0000000600)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f00000002c0)="2e00000010008188040f80ec59acbc0413010048100000005e140602000000000e000a000f00000002800000121f", 0x2e}], 0x1}, 0x0) 3.394806628s ago: executing program 0 (id=287): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), r0) sendmsg$NLBL_CIPSOV4_C_ADD(r0, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000800)=ANY=[@ANYBLOB="84010000", @ANYRES16=r1, @ANYBLOB="010000000000000000000100000004000480080002000100000008000100000000000400088058010c8054000b800800090000000000080009000000000008000a000000000008000a000000000008000a000000000008000900000000000800097c86b722735035dc0067f6b13308000a000000000008000a000000000008000900975b9b5e04000b801c000b800800090000000900000009005e2a2d7a080009000000000024000b80080009e6ff0000000800090000000000080009000000000008000900000000005c000b8008000a000000000008"], 0x184}}, 0x0) r2 = io_uring_setup(0x71b9, &(0x7f00000000c0)={0x0, 0xc63b}) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_REINJECT_CONTROL(r4, 0xae71, &(0x7f00000000c0)={0x5}) io_uring_register$IORING_REGISTER_CLOCK(r2, 0x1d, 0x0, 0x0) r5 = syz_usb_connect$hid(0x0, 0x3f, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x40, 0x46d, 0xc537, 0x40, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x2d, 0x1, 0x1, 0x1, 0x20, 0x3, [{{0x9, 0x4, 0x0, 0xf, 0x1, 0x3, 0x1, 0x1, 0x1, {0x9, 0x21, 0x2, 0x5, 0x1, {0x22, 0x3e4}}, {{{0x9, 0x5, 0x81, 0x3, 0x200, 0x0, 0x6, 0x40}}, [{{0x9, 0x5, 0x2, 0x3, 0x40, 0x2, 0x5, 0xeb}}]}}}]}}]}}, &(0x7f0000000200)={0x0, 0x0, 0x0, 0x0}) r6 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0xfe, 0x7fc00100}]}) ioctl$DRM_IOCTL_PRIME_HANDLE_TO_FD(0xffffffffffffffff, 0xc00c642d, &(0x7f0000000980)={0x0, 0xc2476a88c5e71654, 0xffffffffffffffff}) ioctl$DRM_IOCTL_RM_MAP(r7, 0x4018641b, &(0x7f00000009c0)={0x0, 0x0, 0x0, 0x0, &(0x7f0000ffc000/0x1000)=nil}) syz_init_net_socket$x25(0x9, 0x5, 0x0) timer_create(0x0, &(0x7f0000000300)={0x0, 0x21}, &(0x7f0000000340)) ioctl$SECCOMP_IOCTL_NOTIF_RECV(r6, 0xc0502100, &(0x7f0000002780)={0x0}) ioctl$SECCOMP_IOCTL_NOTIF_ADDFD(r6, 0x40182103, &(0x7f0000000080)={r8, 0x1, r6, 0x80002d}) syz_usb_control_io(r5, 0x0, &(0x7f0000000900)={0x44, &(0x7f0000000480)={0x20, 0x12, 0x91, "e6ed8608d8140a8c1638a55a4e0c752b3f0da6bba486694ecb847e8085e75c2bae236d7fd6a1c4e3d040bc157c80d1d8d28b03ea53a85f7bc446ca4c8b87c157f0964ac850eb230dbdf4ded1b8084644f03d316f7a2fb6be5961337fb46eadf61c63e8527a741d88a198a64561920128023bec500c41bf9de892c5b3013f933c86a2361bf577217ddec771b27a579a4efd"}, 0x0, &(0x7f0000000580)={0x0, 0x8, 0x1, 0x2}, &(0x7f00000005c0)={0x20, 0x0, 0x4, {0x2, 0x1}}, &(0x7f0000000600)={0x20, 0x0, 0x4, {0x120, 0x80}}, &(0x7f0000000640)={0x40, 0x7, 0x2}, &(0x7f0000000680)={0x40, 0x9, 0x1, 0x5}, &(0x7f00000006c0)={0x40, 0xb, 0x2, 'lZ'}, &(0x7f0000000700)={0x40, 0xf, 0x2, 0x5}, &(0x7f0000000740)={0x40, 0x13, 0x6, @remote}, &(0x7f0000000780)={0x40, 0x17, 0x6, @local}, &(0x7f00000007c0)={0x40, 0x19, 0x2, "e98a"}, &(0x7f0000000800)={0x40, 0x1a, 0x2, 0xfffa}, 0x0, &(0x7f0000000880)={0x40, 0x1e, 0x1, 0x4}, &(0x7f00000008c0)={0x40, 0x21, 0x1, 0x23}}) 2.919977551s ago: executing program 2 (id=288): socket$inet6_udp(0xa, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x1b, 0x3, &(0x7f0000000240)=@framed={{0x18, 0x0, 0x0, 0x0, 0xb}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffa, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180), &(0x7f00000001c0)) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) r2 = socket$inet6(0xa, 0x2, 0x0) setsockopt$inet6_int(r2, 0x29, 0x4b, &(0x7f0000000100)=0x4, 0x4) fsopen(&(0x7f0000000140)='devpts\x00', 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) bind$inet6(r2, &(0x7f0000000080)={0xa, 0x4e20, 0x0, @ipv4={'\x00', '\xff\xff', @initdev={0xac, 0x1e, 0x0, 0x0}}}, 0x1c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000400)=ANY=[@ANYBLOB="1800000000000000000000000000000095000000000000003b7a93aa71cc64dd6a2ea0f1b31eb8c4c709818740624b9188b0d0258e38de961129e89ccd564208641792519b0fc0c3849238705a8ca2d990c3c59d40f1dacbb5e7f6c73416d09e70a120ddda3a87863c2ba216d46e281f1001bc3c78ba3d74af460672c76c5e4cd4e419f5c01060d92c31918ef6a39126ee03a9"], &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x32b}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @geneve={{0xb}, {0x10, 0x2, 0x0, 0x1, [@IFLA_GENEVE_PORT={0x6, 0x5, 0x4e20}, @IFLA_GENEVE_COLLECT_METADATA={0x4}]}}}]}, 0x40}}, 0x0) 2.820105485s ago: executing program 1 (id=289): r0 = socket$inet6(0xa, 0x800000000000002, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, 0x0, &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) bind$inet6(0xffffffffffffffff, &(0x7f00004b8fe4)={0xa, 0x4e23, 0x0, @loopback}, 0x1c) sendmsg$unix(0xffffffffffffffff, &(0x7f0000000600)={0x0, 0x0, 0x0, 0x0, &(0x7f00000005c0)=[@rights={{0x10, 0x1, 0x1, [0xffffffffffffffff]}}], 0x10}, 0x0) syz_emit_ethernet(0x7e, &(0x7f00000003c0)=ANY=[@ANYBLOB="aaaaaaaaaaaa0180c200000086dd60fb6809001b2f00fc020000000000000000000000000000ff020000000000000000000000000001242088a88dff00000006000000000800000086dd88a888be080000"], 0x0) setsockopt$sock_linger(r0, 0x1, 0x3c, &(0x7f0000000180)={0x200000000000001}, 0x8) connect$inet6(r0, &(0x7f0000000000)={0xa, 0x4e21, 0x2000, @ipv4={'\x00', '\xff\xff', @remote}, 0xffffffff}, 0x1c) sendmmsg$inet6(r0, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171, 0x0, 0x0, 0x20000000}, 0xa}], 0x400000000000172, 0x4000300) 2.590182767s ago: executing program 2 (id=290): r0 = socket$inet6(0xa, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x20000000) sendto(0xffffffffffffffff, &(0x7f00000003c0), 0x0, 0x4000000, &(0x7f0000000200)=@l2tp={0x2, 0x0, @remote, 0x3}, 0x80) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000140)={0x0, {{0xa, 0x0, 0x0, @mcast2}}}, 0x88) setsockopt$inet6_MCAST_MSFILTER(r0, 0x29, 0x30, &(0x7f0000000b00)={0xb, {{0xa, 0x0, 0x0, @mcast2}}, 0x0, 0x1, [{{0xa, 0x0, 0x0, @remote}}]}, 0x10c) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, 0x0, 0x0) fcntl$setlease(r1, 0x400, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = socket$kcm(0x29, 0x2, 0x0) r5 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0) pwritev(r5, &(0x7f0000000040)=[{&(0x7f0000000480)="db", 0x1}], 0x1, 0x4000001, 0x0) sendfile(r4, r5, 0x0, 0x8000fb00) 1.962991579s ago: executing program 2 (id=292): mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mount$overlay(0x0, 0x0, &(0x7f0000000340), 0x0, &(0x7f0000000180)={[{@upperdir={'upperdir', 0x3d, './file1'}}]}) open(&(0x7f0000000180)='./bus\x00', 0x14d27e, 0x0) mount$bind(&(0x7f00000002c0)='.\x00', 0x0, 0x0, 0x101091, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000000)={[], [], 0x2f}) chdir(&(0x7f0000000080)='./file0\x00') getsockopt$inet_sctp_SCTP_ASSOCINFO(0xffffffffffffffff, 0x84, 0x1, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(0xffffffffffffffff, 0x84, 0x64, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) sendmsg$ETHTOOL_MSG_STRSET_GET(0xffffffffffffffff, 0x0, 0x0) preadv(r1, 0x0, 0x0, 0x0, 0x0) r2 = socket(0x1e, 0x4, 0x0) connect$tipc(r2, &(0x7f0000000040)=@nameseq={0x1e, 0x1, 0x0, {0x1, 0x1, 0x4}}, 0x10) sendmmsg$unix(r2, &(0x7f0000004400), 0x400000000000203, 0x0) 1.909974529s ago: executing program 1 (id=293): syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x8002) write$sndseq(0xffffffffffffffff, &(0x7f0000000180)=[{0x0, 0x0, 0x0, 0x0, @time={0x2, 0x8}, {}, {}, @raw32={[0x0, 0x0, 0x2]}}, {0x0, 0x0, 0x0, 0x0, @tick=0x6, {}, {}, @quote}], 0x38) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bind$netlink(0xffffffffffffffff, 0x0, 0x0) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x8, &(0x7f0000000000), 0x4) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) r0 = io_uring_setup(0xc34, &(0x7f0000000180)={0x0, 0x0, 0x0, 0xffffffff}) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet_sctp6_SCTP_ENABLE_STREAM_RESET(r1, 0x84, 0x76, &(0x7f0000444ff8)={0x0, 0x7}, 0x8) setsockopt$inet_sctp6_SCTP_RECONFIG_SUPPORTED(r1, 0x84, 0x75, &(0x7f0000000000)={0x0, 0xca}, 0x8) setsockopt$inet_sctp_SCTP_SOCKOPT_BINDX_ADD(r1, 0x84, 0x64, &(0x7f0000000040)=[@in6={0xa, 0x4e23, 0x0, @loopback}], 0x1c) sendmmsg$inet6(r1, &(0x7f0000003c40)=[{{&(0x7f0000000300)={0xa, 0x4e23, 0x1, @loopback}, 0x1c, &(0x7f0000000240)=[{&(0x7f0000000140)="03", 0x1}], 0x1}}], 0x1, 0x0) r2 = socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f0000000180)=[{&(0x7f0000000080)="390000001300034700bb65e1c3c6ffff01000000010000005600000025000000190004000400000047fd17e5ffff0800040000000000000000", 0x39}], 0x1) setsockopt$inet_sctp6_SCTP_ADD_STREAMS(r1, 0x84, 0x79, &(0x7f00000001c0)={0x0, 0xc2, 0x7}, 0x8) close_range(r0, 0xffffffffffffffff, 0x0) 1.850155098s ago: executing program 1 (id=294): socket$inet6_udp(0xa, 0x2, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'essiv(cbc(aes),sha256)\x00'}, 0x58) socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) socket$nl_xfrm(0x10, 0x3, 0x6) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) r3 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) r4 = openat$audio1(0xffffffffffffff9c, &(0x7f0000000080), 0x129202, 0x0) ioctl$SNDCTL_DSP_SETFMT(r3, 0xc0045005, &(0x7f0000000380)=0x20) write$binfmt_elf32(r4, 0x0, 0x4cd) setsockopt$MRT6_ADD_MFC(0xffffffffffffffff, 0x29, 0xcc, 0x0, 0x0) setsockopt$MRT6_FLUSH(0xffffffffffffffff, 0x29, 0xd4, 0x0, 0x0) pselect6(0x40, &(0x7f0000000600), 0x0, &(0x7f0000000680)={0x7ff}, 0x0, 0x0) 1.77917629s ago: executing program 3 (id=295): socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={0x0, r0}, 0x18) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000000)={'lo\x00'}) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0x2, 0x31, 0xffffffffffffffff, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000800000000000000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) epoll_ctl$EPOLL_CTL_ADD(0xffffffffffffffff, 0x1, 0xffffffffffffffff, 0x0) syz_genetlink_get_family_id$tipc(0x0, 0xffffffffffffffff) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000013c0)={0x18, 0x3, &(0x7f0000000080)=@framed, &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r1}, 0x10) r2 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r2, &(0x7f0000000480)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x13f}}, 0x20) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x3) r3 = memfd_create(&(0x7f0000000200)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05', 0x0) ftruncate(r3, 0x80079a0) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r3, 0x0) 1.439682904s ago: executing program 2 (id=296): bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000140)='contention_end\x00'}, 0x10) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) getpid() socket$kcm(0x10, 0x2, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket$alg(0x26, 0x5, 0x0) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$TIOCSTI(0xffffffffffffffff, 0x5412, 0x0) r1 = socket$inet6(0xa, 0x3, 0x6) connect$inet6(r1, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) setsockopt$inet6_IPV6_XFRM_POLICY(r1, 0x29, 0x23, &(0x7f0000000340)={{{@in6=@dev, @in6=@initdev={0xfe, 0x88, '\x00', 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0xa}, {}, {}, 0x0, 0x0, 0x1}, {{@in=@empty, 0x8000000, 0x6c}, 0x0, @in6=@mcast2, 0x0, 0x0, 0x0, 0xfd}}, 0xe8) sendmmsg(r1, &(0x7f0000000480), 0x2e9, 0xfc) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) socket$l2tp(0x2, 0x2, 0x73) 1.439299612s ago: executing program 3 (id=297): r0 = epoll_create1(0x0) r1 = fcntl$dupfd(r0, 0x2, 0xffffffffffffffff) r2 = fanotify_init(0xcf29e565245472f0, 0x95d1f010ebe42867) fanotify_mark(r2, 0x1, 0x4000102b, r1, 0x0) syz_clone3(&(0x7f0000001340)={0x2010c280, &(0x7f0000000040), &(0x7f0000000100), &(0x7f0000000180)=0x0, {0x17}, &(0x7f0000000240)=""/104, 0x68, &(0x7f0000000300)=""/4096, &(0x7f0000001300)=[0x0, 0x0, 0x0], 0x3, {r1}}, 0x58) sched_setaffinity(r3, 0x8, &(0x7f00000013c0)=0x1a) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) userfaultfd(0x80001) fchdir(0xffffffffffffffff) fcntl$setown(0xffffffffffffffff, 0x8, 0xffffffffffffffff) fcntl$getownex(0xffffffffffffffff, 0x10, &(0x7f0000000140)) r4 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) r5 = fsopen(&(0x7f0000000200)='nfsd\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r5, 0x6, 0x0, 0x0, 0x0) close_range(r4, 0xffffffffffffffff, 0x0) 1.294264705s ago: executing program 3 (id=298): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) dup(r1) ioctl$BINDER_SET_CONTEXT_MGR_EXT(0xffffffffffffffff, 0x4018620d, 0x0) openat$sysctl(0xffffffffffffff9c, 0x0, 0x1, 0x0) mknodat$loop(0xffffffffffffff9c, &(0x7f00000000c0)='./file0/file0\x00', 0xc000, 0x0) socket(0x10, 0x3, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r2}, 0x10) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) mq_getsetattr(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) chown(0x0, 0x0, 0x0) syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x480, 0x0, 0xfffffffe}, &(0x7f0000000340), &(0x7f0000000240)) 1.256153121s ago: executing program 3 (id=299): add_key$keyring(0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff) ioctl$VIDIOC_S_FREQUENCY(0xffffffffffffffff, 0x402c5639, &(0x7f0000000000)={0x1, 0x4, 0x8000000}) syz_genetlink_get_family_id$tipc2(&(0x7f00000002c0), 0xffffffffffffffff) syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x0, 0x0) r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x40001}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r0, 0xc0306201, &(0x7f0000000300)={0x0, 0x0, 0x0, 0x1, 0x0, &(0x7f0000000240)='z'}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x100000000000000, &(0x7f0000000580)="b3"}) 1.15048747s ago: executing program 3 (id=300): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) listen(r1, 0x4000000) r2 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r2, 0x0) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) connect$inet6(r3, &(0x7f0000000180)={0xa, 0x0, 0x0, @remote, 0x12}, 0x1c) r4 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r4, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r5, 0x0) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r6, 0x0) listen(r0, 0x9) r7 = socket$netlink(0x10, 0x3, 0x8000000004) writev(r7, &(0x7f0000000040)=[{&(0x7f0000000200)="580000001400192340834b80040d8c560a0677bc45ff810500000000000058000b480400945f64009400050028925a01000000000000008000f0fffeffe809000000fff5dd0000001000010002081000418e00000004fcff", 0x58}], 0x1) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), r7) 986.540693ms ago: executing program 1 (id=301): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x0) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000040)=0xd) r3 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$TCSETSF(r3, 0x5404, &(0x7f0000000100)={0x0, 0x0, 0x0, 0x0, 0x0, "64f30ea84907e175d5966472c23d26ce8d6f3c"}) r4 = syz_io_uring_setup(0x235, &(0x7f00000002c0)={0x0, 0x4533, 0x10100, 0x0, 0x2b1}, &(0x7f0000000180)=0x0, &(0x7f0000000340)=0x0) syz_io_uring_submit(r5, r6, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {0x201}, 0x1}) io_uring_enter(r4, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r7 = socket$alg(0x26, 0x5, 0x0) bind$alg(r7, &(0x7f0000000280)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb(cipher_null)\x00'}, 0x58) r8 = accept4(r7, 0x0, 0x0, 0x0) pipe(&(0x7f0000001240)={0xffffffffffffffff, 0xffffffffffffffff}) sendfile(r9, r8, 0x0, 0x24) 570.029224ms ago: executing program 2 (id=302): openat$binderfs(0xffffffffffffff9c, &(0x7f0000000240)='./binderfs/binder0\x00', 0x2, 0x0) socket$tipc(0x1e, 0x5, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x16, 0xb, &(0x7f0000000600)=ANY=[@ANYBLOB="18000000000000000000000006000000180100002020702500000000002020207b1af8ff00000000bfa10000e200000007090000f8ffffffb702000008000000b703000000000020850000007200000095000090f3e90a00"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @flow_dissector, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$netlink(0x10, 0x3, 0x4) writev(r3, &(0x7f0000000100)=[{&(0x7f0000000000)="580000001400192340834b80043f679a10ff3d425f0200c00e7f4e32f61bcdf1e422000000000100800000000000001000aadc28da3457e792945f64009400050028925aaa000000c600000000000000feff2c707f8f00ff", 0x58}], 0x1) 249.657086ms ago: executing program 3 (id=303): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$SOCK_DIAG_BY_FAMILY(r0, 0x0, 0x4488c) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='contention_end\x00', r1}, 0x18) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) dup(r4) listxattr(&(0x7f0000000280)='./file0\x00', 0x0, 0x0) ioctl$VT_RELDISP(r4, 0x5605) 169.756386ms ago: executing program 0 (id=304): r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x1bab, 0x0, 0x0, 0x0) r3 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r2}, &(0x7f0000000200)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r4, r5, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r3, 0x2ded, 0x4000, 0x0, 0x0, 0x0) r6 = syz_open_dev$vim2m(&(0x7f0000000000), 0x7, 0x2) pread64(r6, &(0x7f0000000180)=""/81, 0xffffffffffffff1a, 0x20000) sendmsg$NFT_BATCH(0xffffffffffffffff, 0x0, 0x0) sendfile64(0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x8a80) r7 = socket$inet6(0xa, 0x1, 0x8010000000000084) listen(r7, 0x10000) r8 = socket$inet(0xa, 0x801, 0x84) listen(r8, 0x8) r9 = socket$inet(0xa, 0x801, 0x84) listen(r9, 0x0) 0s ago: executing program 0 (id=305): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) socket$inet(0x2, 0x3, 0x2) r2 = creat(&(0x7f0000000000)='./file0\x00', 0xd931d3864d39dcdb) close(r2) r3 = open(&(0x7f0000000000)='./file0\x00', 0x0, 0x181) fcntl$setlease(r3, 0x400, 0x1) execve(&(0x7f00000000c0)='./file0\x00', 0x0, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f00000002c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$F2FS_IOC_MOVE_RANGE(r4, 0x541b, &(0x7f0000000040)={0xffffffffffffffff}) close_range(r5, 0xffffffffffffffff, 0x0) r6 = syz_io_uring_setup(0x14f, &(0x7f0000000300)={0x0, 0x4941, 0x400, 0x0, 0x1d6, 0x0, r5}, &(0x7f0000000240)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r7, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r7, r8, &(0x7f00000002c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x50, 0x4004, @fd, 0x0, 0x0}) io_uring_enter(r6, 0x5951, 0x7a89, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:7736' (ED25519) to the list of known hosts. [ 32.390036][ T5856] cgroup: Unknown subsys name 'net' [ 32.515119][ T5856] cgroup: Unknown subsys name 'cpuset' [ 32.518370][ T5856] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 33.287762][ T5856] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 35.257566][ T5917] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 35.260222][ T5917] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 35.263297][ T5917] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 35.265637][ T5917] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 35.268017][ T5917] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 35.270260][ T5917] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 35.272960][ T5917] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 35.283713][ T5922] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 35.286520][ T5921] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 35.286544][ T5922] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 35.289140][ T5927] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 35.291275][ T5922] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 35.292939][ T5927] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 35.295290][ T5922] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 35.297172][ T5927] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 35.298964][ T5922] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 35.301294][ T5927] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 35.303689][ T5922] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 35.305992][ T5927] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 35.307414][ T5922] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 35.309672][ T5927] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 35.327896][ T66] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 35.330952][ T66] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 35.333321][ T66] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 35.455250][ T5911] chnl_net:caif_netlink_parms(): no params data found [ 35.480116][ T5910] chnl_net:caif_netlink_parms(): no params data found [ 35.490599][ T5924] chnl_net:caif_netlink_parms(): no params data found [ 35.597921][ T5918] chnl_net:caif_netlink_parms(): no params data found [ 35.604923][ T5911] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.607733][ T5911] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.611340][ T5911] bridge_slave_0: entered allmulticast mode [ 35.616876][ T5911] bridge_slave_0: entered promiscuous mode [ 35.648858][ T5911] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.650952][ T5911] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.653079][ T5911] bridge_slave_1: entered allmulticast mode [ 35.655195][ T5911] bridge_slave_1: entered promiscuous mode [ 35.715439][ T5910] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.717529][ T5910] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.719599][ T5910] bridge_slave_0: entered allmulticast mode [ 35.721736][ T5910] bridge_slave_0: entered promiscuous mode [ 35.724124][ T5924] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.726177][ T5924] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.728223][ T5924] bridge_slave_0: entered allmulticast mode [ 35.730336][ T5924] bridge_slave_0: entered promiscuous mode [ 35.742555][ T5911] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.745757][ T5910] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.748435][ T5910] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.751083][ T5910] bridge_slave_1: entered allmulticast mode [ 35.753847][ T5910] bridge_slave_1: entered promiscuous mode [ 35.763935][ T5924] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.765982][ T5924] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.768030][ T5924] bridge_slave_1: entered allmulticast mode [ 35.770168][ T5924] bridge_slave_1: entered promiscuous mode [ 35.786743][ T5918] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.788830][ T5918] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.790933][ T5918] bridge_slave_0: entered allmulticast mode [ 35.793965][ T5918] bridge_slave_0: entered promiscuous mode [ 35.797146][ T5911] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 35.815364][ T5910] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.825908][ T5924] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.828588][ T5918] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.830623][ T5918] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.832895][ T5918] bridge_slave_1: entered allmulticast mode [ 35.835065][ T5918] bridge_slave_1: entered promiscuous mode [ 35.853298][ T5910] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 35.856816][ T5924] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 35.872773][ T5918] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.878406][ T5911] team0: Port device team_slave_0 added [ 35.900532][ T5918] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 35.916227][ T5911] team0: Port device team_slave_1 added [ 35.956134][ T5910] team0: Port device team_slave_0 added [ 35.958973][ T5924] team0: Port device team_slave_0 added [ 35.962312][ T5918] team0: Port device team_slave_0 added [ 35.978058][ T5910] team0: Port device team_slave_1 added [ 35.980685][ T5924] team0: Port device team_slave_1 added [ 35.983560][ T5918] team0: Port device team_slave_1 added [ 35.985915][ T5911] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 35.988018][ T5911] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 35.996380][ T5911] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.026064][ T5911] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.028745][ T5911] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.038703][ T5911] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.068050][ T5918] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.070065][ T5918] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.077890][ T5918] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.081677][ T5918] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.084189][ T5918] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.091448][ T5918] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.097878][ T5910] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.099965][ T5910] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.107704][ T5910] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.111286][ T5924] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.113311][ T5924] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.120710][ T5924] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.124827][ T5924] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.126876][ T5924] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.134482][ T5924] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.148103][ T5910] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.150107][ T5910] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.157784][ T5910] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.173635][ T5911] hsr_slave_0: entered promiscuous mode [ 36.175912][ T5911] hsr_slave_1: entered promiscuous mode [ 36.223615][ T5924] hsr_slave_0: entered promiscuous mode [ 36.225747][ T5924] hsr_slave_1: entered promiscuous mode [ 36.227662][ T5924] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.229944][ T5924] Cannot create hsr debugfs directory [ 36.250470][ T5910] hsr_slave_0: entered promiscuous mode [ 36.253347][ T5910] hsr_slave_1: entered promiscuous mode [ 36.255386][ T5910] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.257551][ T5910] Cannot create hsr debugfs directory [ 36.261588][ T5918] hsr_slave_0: entered promiscuous mode [ 36.265718][ T5918] hsr_slave_1: entered promiscuous mode [ 36.268291][ T5918] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.271133][ T5918] Cannot create hsr debugfs directory [ 36.503493][ T5911] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 36.507646][ T5911] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 36.514582][ T5911] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 36.519608][ T5911] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 36.529172][ T5924] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 36.535142][ T5924] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 36.538314][ T5924] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 36.542579][ T5924] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 36.568457][ T5918] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 36.573035][ T5918] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 36.577784][ T5918] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 36.583734][ T5918] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 36.604890][ T5910] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 36.608348][ T5910] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 36.611897][ T5910] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 36.618248][ T5910] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 36.640405][ T5924] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.650797][ T5924] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.656690][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.658836][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.667414][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.669482][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.674071][ T5911] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.694153][ T5911] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.697681][ T5918] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.709312][ T5924] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 36.712458][ T5924] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 36.718143][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.720215][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.723154][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.725196][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.736624][ T5918] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.743820][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.745871][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.753600][ T259] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.755638][ T259] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.761920][ T5910] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.776615][ T5910] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.794228][ T1142] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.796267][ T1142] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.799538][ T1142] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.801897][ T1142] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.810620][ T5924] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.833795][ T5924] veth0_vlan: entered promiscuous mode [ 36.838240][ T5924] veth1_vlan: entered promiscuous mode [ 36.851836][ T5924] veth0_macvtap: entered promiscuous mode [ 36.855746][ T5924] veth1_macvtap: entered promiscuous mode [ 36.863926][ T5924] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 36.867346][ T5918] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.874119][ T5924] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 36.877289][ T5924] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.879868][ T5924] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.882675][ T5924] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.885152][ T5924] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 36.889190][ T5911] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.921758][ T5918] veth0_vlan: entered promiscuous mode [ 36.926090][ T5910] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 36.943139][ T1142] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.944201][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 36.945541][ T1142] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.948815][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 36.950157][ T5918] veth1_vlan: entered promiscuous mode [ 36.966480][ T5911] veth0_vlan: entered promiscuous mode [ 36.971989][ T5918] veth0_macvtap: entered promiscuous mode [ 36.977060][ T5910] veth0_vlan: entered promiscuous mode [ 36.979863][ T5918] veth1_macvtap: entered promiscuous mode [ 36.981386][ T5924] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 36.982663][ T5911] veth1_vlan: entered promiscuous mode [ 36.990417][ T5910] veth1_vlan: entered promiscuous mode [ 36.997135][ T5918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.000202][ T5918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.004337][ T5918] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.015302][ T5918] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.018298][ T5918] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.021653][ T5918] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.034466][ T5911] veth0_macvtap: entered promiscuous mode [ 37.037471][ T5918] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.040122][ T5918] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.043704][ T5918] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.046255][ T5918] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.050697][ T5911] veth1_macvtap: entered promiscuous mode [ 37.063058][ T5910] veth0_macvtap: entered promiscuous mode [ 37.073367][ T5910] veth1_macvtap: entered promiscuous mode [ 37.079156][ T5910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.082828][ T5910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.086045][ T5910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.089032][ T5910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.093070][ T5910] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.097722][ T5911] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.101510][ T5911] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.105688][ T5911] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.109521][ T5911] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.113236][ T5911] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.122417][ T5911] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.127027][ T5911] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.134523][ T5910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.138612][ T5910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.141373][ T5910] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.143943][ T5998] Zero length message leads to an empty skb [ 37.144963][ T5910] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.150064][ T5910] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.154473][ T5911] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.158112][ T5911] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.161739][ T5911] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.165885][ T5911] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.169466][ T5911] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.173531][ T5911] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.177408][ T5911] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.186029][ T5910] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.188576][ T5910] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.191036][ T5910] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.194672][ T5910] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.200620][ T5911] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.205153][ T5911] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.208434][ T5911] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.211668][ T5911] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.223308][ T1136] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.225555][ T1136] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.250457][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.252870][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.268429][ T259] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.270662][ T259] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.294560][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.297106][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.301663][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.304661][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.313601][ T66] Bluetooth: hci2: command tx timeout [ 37.319109][ T1136] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.322016][ T1136] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.392951][ T66] Bluetooth: hci1: command tx timeout [ 37.393086][ T5917] Bluetooth: hci3: command tx timeout [ 37.394826][ T66] Bluetooth: hci0: command tx timeout [ 37.412741][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 37.427244][ T6006] binder: 6000:6006 ioctl c0306201 0 returned -14 [ 37.457400][ T6006] sp0: Synchronizing with TNC [ 37.472490][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 37.631382][ T6000] [U] [ 38.012642][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 38.042831][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 38.046305][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 38.049967][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 38.448899][ T6031] No buffer was provided with the request [ 38.962691][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 38.965944][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 39.132565][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 39.135366][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 39.402427][ T66] Bluetooth: hci2: command tx timeout [ 39.472548][ T66] Bluetooth: hci3: command tx timeout [ 39.472593][ T5913] Bluetooth: hci1: command tx timeout [ 39.482569][ T5913] Bluetooth: hci0: command tx timeout [ 39.707336][ C2] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 40.492071][ T6063] : entered promiscuous mode [ 41.483550][ T5913] Bluetooth: hci2: command tx timeout [ 41.552488][ T5913] Bluetooth: hci3: command tx timeout [ 41.552530][ T66] Bluetooth: hci0: command tx timeout [ 41.552742][ T5917] Bluetooth: hci1: command tx timeout [ 41.857573][ T6097] syz.3.23 uses obsolete (PF_INET,SOCK_PACKET) [ 41.988519][ T6097] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 42.001597][ T6097] kvm: pic: level sensitive irq not supported [ 42.002325][ T6097] kvm: pic: non byte read [ 42.166565][ T6110] No control pipe specified [ 42.203877][ T6110] sp0: Synchronizing with TNC [ 42.392759][ T6115] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 42.418683][ T6115] kvm: pic: level sensitive irq not supported [ 42.418994][ T6115] kvm: pic: non byte read [ 42.435171][ T6115] kvm: pic: level sensitive irq not supported [ 42.435429][ T6115] kvm: pic: non byte read [ 43.562483][ T66] Bluetooth: hci2: command tx timeout [ 43.632494][ T66] Bluetooth: hci0: command tx timeout [ 43.642481][ T66] Bluetooth: hci1: command tx timeout [ 43.642523][ T5913] Bluetooth: hci3: command tx timeout [ 43.687147][ T39] audit: type=1326 audit(1735250303.528:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6121 comm="syz.1.30" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf706e579 code=0x7fc00000 [ 43.843771][ T6143] netlink: 80 bytes leftover after parsing attributes in process `syz.0.35'. [ 44.977249][ T6158] binder: 6156:6158 ioctl c0306201 0 returned -14 [ 45.027990][ T6158] sp0: Synchronizing with TNC [ 45.152069][ T6156] [U] [ 45.647129][ T6173] netlink: 'syz.0.44': attribute type 1 has an invalid length. [ 45.652813][ T6173] netlink: 224 bytes leftover after parsing attributes in process `syz.0.44'. [ 45.825051][ T6174] team0 (unregistering): Port device team_slave_0 removed [ 45.832450][ T6174] team0 (unregistering): Port device team_slave_1 removed [ 46.163965][ T6185] Bluetooth: MGMT ver 1.23 [ 46.812641][ T5322] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 46.902698][ T6203] process 'syz.1.53' launched './file0' with NULL argv: empty string added [ 46.932648][ T6204] cgroup: fork rejected by pids controller in /syz1 [ 46.984729][ T5322] usb 8-1: Using ep0 maxpacket: 32 [ 46.989807][ T5322] usb 8-1: config index 0 descriptor too short (expected 29220, got 36) [ 46.994479][ T5322] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 46.997420][ T5322] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 47.000011][ T5322] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 47.003642][ T5322] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 47.007492][ T5322] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 47.011240][ T5322] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 47.022422][ T5322] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 47.031576][ T5322] usb 8-1: config 0 descriptor?? [ 47.152017][ T6624] block device autoloading is deprecated and will be removed. [ 47.156452][ T6624] syz.0.55: attempt to access beyond end of device [ 47.156452][ T6624] md0: rw=2048, sector=0, nr_sectors = 8 limit=0 [ 47.303111][ T5322] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 47.315248][ T5322] usb 8-1: USB disconnect, device number 2 [ 47.329993][ T5322] usblp0: removed [ 47.808125][ T5322] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 47.972517][ T5322] usb 8-1: Using ep0 maxpacket: 32 [ 47.977963][ T5322] usb 8-1: config index 0 descriptor too short (expected 29220, got 36) [ 47.980431][ T5322] usb 8-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 47.983305][ T5322] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 47.988853][ T5322] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 47.991657][ T5322] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 47.994774][ T5322] usb 8-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 48.001941][ T5322] usb 8-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 48.157079][ T5322] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 48.167611][ T5322] usb 8-1: config 0 descriptor?? [ 48.429256][ T5322] usblp 8-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 48.685994][ C1] usblp0: nonzero read bulk status received: -71 [ 48.686334][ T35] usb 8-1: USB disconnect, device number 3 [ 48.689028][ T6199] usblp0: error -71 reading from printer [ 48.891287][ T6199] usblp0: removed [ 49.072870][ T832] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 49.222474][ T832] usb 5-1: Using ep0 maxpacket: 8 [ 49.227343][ T832] usb 5-1: config index 0 descriptor too short (expected 5924, got 36) [ 49.230306][ T832] usb 5-1: config 250 has an invalid interface number: 228 but max is -1 [ 49.234015][ T832] usb 5-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 49.237549][ T832] usb 5-1: config 250 has no interface number 0 [ 49.239939][ T832] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 49.244537][ T832] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 49.248582][ T832] usb 5-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 49.252647][ T832] usb 5-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 49.256675][ T832] usb 5-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 49.261658][ T832] usb 5-1: config 250 interface 228 has no altsetting 0 [ 49.264923][ T832] usb 5-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 49.267544][ T832] usb 5-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 49.270325][ T832] usb 5-1: Product: syz [ 49.271535][ T832] usb 5-1: SerialNumber: syz [ 49.275651][ T832] hub 5-1:250.228: bad descriptor, ignoring hub [ 49.277542][ T832] hub 5-1:250.228: probe with driver hub failed with error -5 [ 49.481572][ T832] usblp 5-1:250.228: usblp0: USB Bidirectional printer dev 2 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 49.860564][ T39] audit: type=1800 audit(1735250309.698:3): pid=6675 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.67" name="file0" dev="9p" ino=38928572 res=0 errno=0 [ 50.109880][ T6657] usb 5-1: reset high-speed USB device number 2 using dummy_hcd [ 50.355879][ T6678] 9pnet_virtio: no channels available for device syz [ 50.844628][ T6689] ptrace attach of ""[6690] was attempted by "/syz-executor exec"[6689] [ 50.892648][ T35] usb 5-1: USB disconnect, device number 2 [ 50.904034][ T35] usblp0: removed [ 51.428436][ T6697] 9pnet_fd: Insufficient options for proto=fd [ 52.376582][ T6706] binder: 6700:6706 ioctl c0306201 0 returned -14 [ 52.475691][ T6706] sp0: Synchronizing with TNC [ 53.154119][ T6700] [U] [ 53.784974][ T6725] mmap: syz.1.81 (6725) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 53.805491][ T6727] netlink: 'syz.2.80': attribute type 12 has an invalid length. [ 54.446183][ T39] audit: type=1800 audit(1735250314.288:4): pid=6740 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.2.86" name="file0" dev="9p" ino=38928572 res=0 errno=0 [ 54.467556][ T6740] netfs: Couldn't get user pages (rc=-14) [ 54.668056][ T6742] 9pnet_fd: Insufficient options for proto=fd [ 58.076985][ T6779] netlink: 4 bytes leftover after parsing attributes in process `syz.1.98'. [ 58.192894][ T12] Bluetooth: Error in BCSP hdr checksum [ 58.453268][ T11] Bluetooth: Error in BCSP hdr checksum [ 59.873048][ T66] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 61.526406][ T6821] tipc: Failed to remove unknown binding: 66,1,1/0:947385775/947385777 [ 61.722881][ T6821] tipc: Failed to remove unknown binding: 66,1,1/0:947385775/947385777 [ 61.725974][ T6821] tipc: Failed to remove unknown binding: 66,1,1/0:947385775/947385777 [ 61.824258][ T66] Bluetooth: hci0: Ignoring connect complete event for invalid link type [ 62.890428][ T6844] netlink: 'syz.3.115': attribute type 10 has an invalid length. [ 62.921777][ T6844] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 63.040453][ T6844] netlink: 164 bytes leftover after parsing attributes in process `syz.3.115'. [ 63.102066][ T6846] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 63.192972][ T6846] kvm: pic: level sensitive irq not supported [ 63.193428][ T6846] kvm: pic: non byte read [ 63.202676][ T6846] kvm: pic: level sensitive irq not supported [ 63.211059][ T6846] kvm: pic: non byte read [ 63.252764][ T6846] kvm: pic: level sensitive irq not supported [ 63.254091][ T6846] kvm: pic: non byte read [ 63.529208][ T6854] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 63.993922][ T6867] overlayfs: option "workdir=./bus" is useless in a non-upper mount, ignore [ 63.996949][ T6867] overlayfs: at least 2 lowerdir are needed while upperdir nonexistent [ 64.830796][ T6886] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 64.943847][ T6891] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 64.946661][ T6891] overlayfs: failed to set xattr on upper [ 64.948817][ T6891] overlayfs: ...falling back to redirect_dir=nofollow. [ 64.951381][ T6891] overlayfs: ...falling back to index=off. [ 64.954266][ T6891] overlayfs: ...falling back to uuid=null. [ 65.049020][ T6893] netlink: 28 bytes leftover after parsing attributes in process `syz.3.131'. [ 65.051783][ T6893] netlink: 28 bytes leftover after parsing attributes in process `syz.3.131'. [ 65.061702][ T6893] bond0: entered promiscuous mode [ 65.063657][ T6893] bond_slave_0: entered promiscuous mode [ 65.065579][ T6893] bond_slave_1: entered promiscuous mode [ 65.067374][ T6893] mac80211_hwsim hwsim7 wlan1: entered promiscuous mode [ 65.081811][ T6893] batadv_slave_1: entered promiscuous mode [ 65.826758][ T6908] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 65.840164][ T6908] kvm: requested 22628 ns i8254 timer period limited to 200000 ns [ 65.874672][ T66] Bluetooth: hci0: Controller not accepting commands anymore: ncmd = 0 [ 65.877199][ T66] Bluetooth: hci0: Injecting HCI hardware error event [ 65.881068][ T5917] Bluetooth: hci0: hardware error 0x00 [ 65.915162][ T6908] kvm: requested 5028 ns i8254 timer period limited to 200000 ns [ 65.975367][ T6908] kvm: requested 26819 ns i8254 timer period limited to 200000 ns [ 65.981553][ T6908] kvm: requested 111466 ns i8254 timer period limited to 200000 ns [ 65.987066][ T6908] kvm: requested 111466 ns i8254 timer period limited to 200000 ns [ 65.991694][ T6908] kvm: requested 111466 ns i8254 timer period limited to 200000 ns [ 65.995835][ T6908] kvm: requested 111466 ns i8254 timer period limited to 200000 ns [ 66.000447][ T6908] kvm: requested 111466 ns i8254 timer period limited to 200000 ns [ 66.476358][ T6920] binder: 6918:6920 ioctl c0306201 0 returned -14 [ 66.548854][ T6920] sp0: Synchronizing with TNC [ 66.654040][ T6926] netlink: 'syz.2.140': attribute type 10 has an invalid length. [ 66.664483][ T6926] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 66.678583][ T6926] netlink: 164 bytes leftover after parsing attributes in process `syz.2.140'. [ 66.778868][ T6918] [U] [ 67.225031][ T6947] warning: `syz.0.145' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 67.230032][ T6947] ALSA: mixer_oss: invalid OSS volume '}8z00000' [ 67.952487][ T5917] Bluetooth: hci0: Opcode 0x0c03 failed: -110 [ 67.993350][ T6960] input: syz1 as /devices/virtual/input/input5 [ 68.122175][ T6966] vim2m vim2m.0: vidioc_s_fmt queue busy [ 68.226107][ T6970] netlink: 20 bytes leftover after parsing attributes in process `syz.0.153'. [ 69.536885][ C0] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 69.543044][ T6993] netlink: 8 bytes leftover after parsing attributes in process `syz.2.159'. [ 69.545874][ T6993] netlink: 8 bytes leftover after parsing attributes in process `syz.2.159'. [ 69.968390][ T6992] syz.1.157 (6992): drop_caches: 2 [ 70.835696][ T1413] ieee802154 phy0 wpan0: encryption failed: -22 [ 72.061468][ T7031] netlink: 4 bytes leftover after parsing attributes in process `syz.2.167'. [ 72.113792][ T7023] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 72.119763][ T7023] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 72.147807][ T7023] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 72.163170][ T7023] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 72.164987][ T7023] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 72.167604][ T7023] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 72.178080][ T7023] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 72.179874][ T7023] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 72.238806][ T7023] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 72.575617][ T7045] [U] [ 72.576563][ T7045] [U] [ 72.578095][ T7045] [U] B-lrj[ќ6}%4 h@k-YLeU@f%Peze,9F* [ 72.581056][ T7045] [U] Cw* 9JQ#esWCv1! GpX [ 72.584633][ T7045] [U] n%9C_nBc$4( [ 72.586329][ T7045] [U] h q؛toRI#TNBs_R櫰:t 0W_[Hn% [ 72.588869][ T7045] [U] 4RЛ<)6jG؃K^R\ [ 72.590615][ T7045] [U] 7R:j37 [ 72.591779][ T7045] [U] yPDyj>|h0=TXZY֦ʢĚ4i5Az~Za~k^tGsJI:OD!M2KWR>KC?x8H*@Qeۻu .j9ȓ~{`'r)-Ǭ=5֝JLy CB;+LP,fnY%3p&)][ȋ4l㶣!J> [ 72.599997][ T7045] [U] .CeJj@KJ605RxUTTO&XO\&N%y176`Iw [ 72.603238][ T7045] [U] M<@nkJ(6))Vlr [ 72.605451][ T7045] [U] >Yg z?`OmX"9+dE{$~byDUMe!xݛAAU}j2n%mbq [ 72.608441][ T7045] [U] WVw@HZ=(Ej~OS@bH:"!jIUJ=)U gԖ=y=kadr:=SaX X [ 72.611918][ T7045] [U] BIe߄}ET@3( ߥv{κ~uk+{3T$ƻ.N[8sʇ""ʔ캄]RG5 [ 72.614993][ T7045] [U] v{ըvNb>DmtQt [ 72.616788][ T7045] [U] G*|9ٺ冸 [ 72.618037][ T7045] [U] Gmiue! Tό*8a7i5-|6lk [ 72.620526][ T7045] [U] NūD  S}RbYwIoQ&O,p],7훍uI [ 72.625604][ T7045] [U] $Lu2f_3+|nWµZEP1w~N(o͝8d ScDʮf65zgR{tK"@ :5}GBdѸ\k [ 72.629450][ T7045] [U] yҟ844n<; [ 72.630916][ T7045] [U] uI7x#e4vml苬G픔A)-(N̗Nl#)׌Su6 [ 72.633583][ T7045] [U] )<E?aUܤ9 %]dCCe+L<'t1Kȅ3. wSZYϼ9i>]Ȝ}{/`5'E 41 TnAXQI t%G7l~Bs [ 72.638025][ T7045] [U]  [ 72.639117][ T7045] [U] Zu4&e~8Eσ1l{ȨGvY$PnO4M*F`ATM0?*i#;Ѥ+4vGa%H[aYx)lG]F H|zve/ϧ17笳-ǽhO+^)8&E@A8g녌-wrs-v-ұO>q#9uaH)fSA֙inz@C>kLVD^1)m$/78..qa|)9">d>e#i`\|{ufh.. eMw}]5 -,Ţrk}FqCo*pNF [ 72.651745][ T7045] [U]  [ 72.653206][ T7045] [U] T0ԝ*XAɣa4WKc]x]L= [ 72.655678][ T7045] [U] $cUGSe6tτPpZ3T2荣9W-֑aRnBڎ:^xϧB~{j [ 72.659804][ T7045] [U] TE' 2l*a -;p;Bt.n`ߐ_;*U;5C#R/QK*msa#)aB>YؐO\;^'o5_yhlce&a`;œss{h TM0Bi^l>8٢VV8<-{$>D ]wu0?k ˼[uIrb_iL/eSi*ws*zS͎ђ [ 72.667722][ T7045] [U] [ 73.393777][ T5917] Bluetooth: hci1: command 0x0c1a tx timeout [ 73.435933][ T7043] [U] [ 73.555108][ T7054] usb 2-1: USB disconnect, device number 2 [ 73.686615][ T7059] overlayfs: conflicting options: verity=on,redirect_dir=nofollow [ 74.192536][ T66] Bluetooth: hci2: command 0x0c1a tx timeout [ 74.194726][ T5917] Bluetooth: hci3: command 0x0c1a tx timeout [ 75.472590][ T5917] Bluetooth: hci1: command 0x0c1a tx timeout [ 75.774376][ T7088] fuse: Bad value for 'fd' [ 75.991135][ T7078] orangefs_mount: mount request failed with -4 [ 76.273295][ T5917] Bluetooth: hci3: command 0x0c1a tx timeout [ 76.275047][ T5917] Bluetooth: hci2: command 0x0c1a tx timeout [ 76.650819][ T7080] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 76.653011][ T7080] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 76.655259][ T7080] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 76.735964][ T7098] netfs: Couldn't get user pages (rc=-14) [ 77.722444][ T66] Bluetooth: hci1: command 0x0c1a tx timeout [ 77.750730][ T7129] netlink: 96 bytes leftover after parsing attributes in process `syz.3.194'. [ 78.045737][ T7138] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 78.244803][ T66] block nbd3: Receive control failed (result -107) [ 78.250139][ T7141] syz.3.197: attempt to access beyond end of device [ 78.250139][ T7141] nbd3: rw=0, sector=64, nr_sectors = 1 limit=0 [ 78.255894][ T7141] syz.3.197: attempt to access beyond end of device [ 78.255894][ T7141] nbd3: rw=0, sector=256, nr_sectors = 1 limit=0 [ 78.259588][ T7141] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 78.262558][ T7141] syz.3.197: attempt to access beyond end of device [ 78.262558][ T7141] nbd3: rw=0, sector=512, nr_sectors = 1 limit=0 [ 78.266503][ T7141] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 78.269996][ T7141] syz.3.197: attempt to access beyond end of device [ 78.269996][ T7141] nbd3: rw=0, sector=64, nr_sectors = 2 limit=0 [ 78.276356][ T7141] syz.3.197: attempt to access beyond end of device [ 78.276356][ T7141] nbd3: rw=0, sector=512, nr_sectors = 2 limit=0 [ 78.280180][ T7141] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 78.283223][ T7141] syz.3.197: attempt to access beyond end of device [ 78.283223][ T7141] nbd3: rw=0, sector=1024, nr_sectors = 2 limit=0 [ 78.287109][ T7141] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 78.290061][ T7141] syz.3.197: attempt to access beyond end of device [ 78.290061][ T7141] nbd3: rw=0, sector=64, nr_sectors = 4 limit=0 [ 78.296163][ T7141] syz.3.197: attempt to access beyond end of device [ 78.296163][ T7141] nbd3: rw=0, sector=1024, nr_sectors = 4 limit=0 [ 78.303986][ T7141] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 78.306915][ T7141] syz.3.197: attempt to access beyond end of device [ 78.306915][ T7141] nbd3: rw=0, sector=2048, nr_sectors = 4 limit=0 [ 78.310643][ T7141] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 78.313753][ T7141] syz.3.197: attempt to access beyond end of device [ 78.313753][ T7141] nbd3: rw=0, sector=64, nr_sectors = 8 limit=0 [ 78.317529][ T7141] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=256, location=256 [ 78.320411][ T7141] UDF-fs: error (device nbd3): udf_read_tagged: read failed, block=512, location=512 [ 78.323181][ T7141] UDF-fs: warning (device nbd3): udf_fill_super: No partition found (1) [ 78.373653][ T7144] nbd3: detected capacity change from 0 to 20 [ 78.378638][ T5864] block nbd3: Dead connection, failed to find a fallback [ 78.380802][ T5864] block nbd3: shutting down sockets [ 78.382574][ T5864] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 78.385905][ T5864] Buffer I/O error on dev nbd3, logical block 0, async page read [ 78.388562][ T5864] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 78.391144][ T5864] Buffer I/O error on dev nbd3, logical block 0, async page read [ 78.393694][ T5864] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 78.396449][ T5864] Buffer I/O error on dev nbd3, logical block 0, async page read [ 78.398869][ T5864] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 78.401591][ T5864] Buffer I/O error on dev nbd3, logical block 0, async page read [ 78.404841][ T5864] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 78.407642][ T5864] Buffer I/O error on dev nbd3, logical block 0, async page read [ 78.410109][ T5864] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 78.413270][ T5864] Buffer I/O error on dev nbd3, logical block 0, async page read [ 78.417062][ T5864] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 78.419754][ T5864] Buffer I/O error on dev nbd3, logical block 0, async page read [ 78.422118][ T5864] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 78.424859][ T5864] Buffer I/O error on dev nbd3, logical block 0, async page read [ 78.427158][ T5864] ldm_validate_partition_table(): Disk read failed. [ 78.429368][ T5864] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 78.432007][ T5864] Buffer I/O error on dev nbd3, logical block 0, async page read [ 78.434551][ T5864] I/O error, dev nbd3, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 78.437199][ T5864] Buffer I/O error on dev nbd3, logical block 0, async page read [ 78.440250][ T5864] Dev nbd3: unable to read RDB block 0 [ 78.442704][ T5864] nbd3: unable to read partition table [ 78.444403][ T5864] nbd3: partition table beyond EOD, truncated [ 78.447363][ T5864] ldm_validate_partition_table(): Disk read failed. [ 78.449830][ T5864] Dev nbd3: unable to read RDB block 0 [ 78.452286][ T5864] nbd3: unable to read partition table [ 78.454949][ T5864] nbd3: partition table beyond EOD, truncated [ 78.497313][ T39] audit: type=1326 audit(1735250338.338:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.198" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 78.505080][ T39] audit: type=1326 audit(1735250338.338:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.198" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 78.511280][ T39] audit: type=1326 audit(1735250338.338:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.198" exe="/syz-executor" sig=0 arch=40000003 syscall=386 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 78.520477][ T39] audit: type=1326 audit(1735250338.338:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.198" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 78.520495][ T39] audit: type=1326 audit(1735250338.338:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.198" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 78.520510][ T39] audit: type=1326 audit(1735250338.338:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.198" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 78.520525][ T39] audit: type=1326 audit(1735250338.338:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.198" exe="/syz-executor" sig=0 arch=40000003 syscall=120 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 78.520541][ T39] audit: type=1326 audit(1735250338.348:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.198" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 78.520557][ T39] audit: type=1326 audit(1735250338.348:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7150 comm="syz.2.198" exe="/syz-executor" sig=0 arch=40000003 syscall=267 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 78.520571][ T39] audit: type=1326 audit(1735250338.348:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7146 comm="syz.2.198" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70be579 code=0x7ffc0000 [ 78.682449][ T66] Bluetooth: hci3: command 0x0c1a tx timeout [ 78.684262][ T66] Bluetooth: hci2: command 0x0c1a tx timeout [ 78.827478][ T7164] sg_write: data in/out 11/14 bytes for SCSI command 0x0-- guessing data in; [ 78.827478][ T7164] program syz.2.200 not setting count and/or reply_len properly [ 79.089785][ T7173] netlink: 4 bytes leftover after parsing attributes in process `syz.0.206'. [ 79.092479][ T7173] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 79.094714][ T7173] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 79.114384][ T7173] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 79.116962][ T7173] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 79.144154][ T7174] netlink: 28 bytes leftover after parsing attributes in process `syz.0.206'. [ 79.149112][ T7174] netlink: 60 bytes leftover after parsing attributes in process `syz.0.206'. [ 79.503263][ T7160] Set syz1 is full, maxelem 65536 reached [ 80.501102][ T7191] binder: 7187:7191 ioctl c0306201 0 returned -14 [ 80.535280][ T7191] sp0: Synchronizing with TNC [ 81.261183][ T30] cfg80211: failed to load regulatory.db [ 81.783600][ T7210] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 82.109519][ T1134] Bluetooth: hci4: Frame reassembly failed (-84) [ 82.464799][ T7210] [U] [ 82.877799][ T7240] 9pnet_fd: Insufficient options for proto=fd [ 83.550657][ T7248] binder: 7245:7248 ioctl c0306201 0 returned -14 [ 83.599347][ T7248] sp0: Synchronizing with TNC [ 83.767297][ T7245] [U] [ 84.112605][ T5917] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 84.112946][ T66] Bluetooth: hci4: command 0x1003 tx timeout [ 84.638427][ T7267] RDS: rds_bind could not find a transport for fe80::1a, load rds_tcp or rds_rdma? [ 84.750844][ T7268] evm: overlay not supported [ 85.511242][ T7291] can0: slcan on ttyS3. [ 86.195208][ T7280] can0 (unregistered): slcan off ttyS3. [ 86.672427][ T5917] Bluetooth: hci2: command 0x0c1a tx timeout [ 87.943050][ T7377] netlink: 'syz.1.256': attribute type 10 has an invalid length. [ 87.948628][ T7377] team0: Port device netdevsim0 added [ 87.961404][ T7377] netlink: 'syz.1.256': attribute type 10 has an invalid length. [ 88.010239][ T7377] team0: Port device netdevsim0 removed [ 88.013323][ T7377] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 89.997480][ T7424] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 89.999402][ T7424] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 90.003700][ T7424] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 90.005438][ T7424] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 90.009213][ T7424] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 90.010952][ T7424] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 90.518882][ T39] kauditd_printk_skb: 31 callbacks suppressed [ 90.518900][ T39] audit: type=1326 audit(1735250350.358:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7435 comm="syz.0.274" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf7f03579 code=0x0 [ 90.836353][ T7447] 9pnet: Found fid 0 not clunked [ 92.328183][ T7474] netlink: 'syz.0.286': attribute type 10 has an invalid length. [ 92.463288][ T7480] netlink: 88 bytes leftover after parsing attributes in process `syz.0.287'. [ 92.466187][ T7480] netlink: 24 bytes leftover after parsing attributes in process `syz.0.287'. [ 92.468910][ T7480] netlink: 16 bytes leftover after parsing attributes in process `syz.0.287'. [ 92.472090][ T7480] netlink: 72 bytes leftover after parsing attributes in process `syz.0.287'. [ 92.762505][ T62] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 92.948328][ T62] usb 5-1: config 1 interface 0 altsetting 15 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 92.952718][ T62] usb 5-1: config 1 interface 0 altsetting 15 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 92.957487][ T62] usb 5-1: config 1 interface 0 has no altsetting 0 [ 92.962525][ T62] usb 5-1: New USB device found, idVendor=046d, idProduct=c537, bcdDevice= 0.40 [ 92.965506][ T62] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 92.968200][ T62] usb 5-1: Product: syz [ 92.969709][ T62] usb 5-1: Manufacturer: syz [ 92.971060][ T62] usb 5-1: SerialNumber: syz [ 93.004645][ T7484] netdevsim netdevsim2 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 93.008187][ T7484] netdevsim netdevsim2 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 93.011496][ T7484] netdevsim netdevsim2 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 93.015286][ T7484] netdevsim netdevsim2 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 93.019787][ T7484] netdevsim netdevsim2 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 93.023486][ T7484] netdevsim netdevsim2 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 93.026570][ T7484] netdevsim netdevsim2 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 93.029113][ T7484] netdevsim netdevsim2 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 93.032169][ T7484] geneve2: entered promiscuous mode [ 93.034057][ T7484] geneve2: entered allmulticast mode [ 93.896231][ T7501] netlink: 'syz.1.293': attribute type 4 has an invalid length. [ 94.663220][ T7519] binder: 7517:7519 ioctl c0306201 20000180 returned -14 [ 95.642039][ T62] usbhid 5-1:1.0: can't add hid device: -71 [ 95.643966][ T62] usbhid 5-1:1.0: probe with driver usbhid failed with error -71 [ 95.647125][ T62] usb 5-1: USB disconnect, device number 3 [ 96.036506][ T7546] [ 96.037396][ T7546] ============================= [ 96.039007][ T7546] [ BUG: Invalid wait context ] [ 96.040368][ T7546] 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 Not tainted [ 96.043589][ T7546] ----------------------------- [ 96.045858][ T7546] syz.0.305/7546 is trying to lock: [ 96.047324][ T7546] ffff888024abef18 (&sighand->siglock){-.-.}-{3:3}, at: __lock_task_sighand+0xc2/0x340 [ 96.050364][ T7546] other info that might help us debug this: [ 96.052088][ T7546] context-{5:5} [ 96.053352][ T7546] 4 locks held by syz.0.305/7546: [ 96.054890][ T7546] #0: ffff88806f47e0a8 (&ctx->uring_lock){+.+.}-{4:4}, at: __do_sys_io_uring_enter+0xd38/0x1620 [ 96.058983][ T7546] #1: ffff888069743128 (&acct->lock){+.+.}-{2:2}, at: io_wq_enqueue+0x20a/0xb30 [ 96.062586][ T7546] #2: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1c2/0x590 [ 96.066275][ T7546] #3: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: __lock_task_sighand+0x3f/0x340 [ 96.070023][ T7546] stack backtrace: [ 96.071516][ T7546] CPU: 0 UID: 0 PID: 7546 Comm: syz.0.305 Not tainted 6.13.0-rc4-syzkaller-00054-gd6ef8b40d075 #0 [ 96.075725][ T7546] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 96.080008][ T7546] Call Trace: [ 96.081370][ T7546] [ 96.082559][ T7546] dump_stack_lvl+0x116/0x1f0 [ 96.084472][ T7546] __lock_acquire+0x878/0x3c40 [ 96.086378][ T7546] ? __pfx___lock_acquire+0x10/0x10 [ 96.088468][ T7546] ? __pfx___lock_acquire+0x10/0x10 [ 96.090538][ T7546] lock_acquire.part.0+0x11b/0x380 [ 96.092578][ T7546] ? __lock_task_sighand+0xc2/0x340 [ 96.094640][ T7546] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 96.096860][ T7546] ? rcu_is_watching+0x12/0xc0 [ 96.098770][ T7546] ? trace_lock_acquire+0x14e/0x1f0 [ 96.100879][ T7546] ? trace_lock_acquire+0x14e/0x1f0 [ 96.102967][ T7546] ? __lock_task_sighand+0xc2/0x340 [ 96.104981][ T7546] ? lock_acquire+0x2f/0xb0 [ 96.106786][ T7546] ? __lock_task_sighand+0xc2/0x340 [ 96.108862][ T7546] _raw_spin_lock_irqsave+0x3a/0x60 [ 96.110933][ T7546] ? __lock_task_sighand+0xc2/0x340 [ 96.113046][ T7546] __lock_task_sighand+0xc2/0x340 [ 96.115104][ T7546] group_send_sig_info+0x290/0x300 [ 96.117150][ T7546] ? __pfx_group_send_sig_info+0x10/0x10 [ 96.119368][ T7546] ? __pfx___lock_acquire+0x10/0x10 [ 96.121472][ T7546] ? is_bpf_text_address+0x8a/0x1a0 [ 96.123527][ T7546] ? __pfx_lock_release+0x10/0x10 [ 96.125507][ T7546] bpf_send_signal_common+0x415/0x520 [ 96.127623][ T7546] ? __pfx_bpf_send_signal_common+0x10/0x10 [ 96.129961][ T7546] ? trace_lock_acquire+0x14e/0x1f0 [ 96.132025][ T7546] ? unwind_get_return_address+0x59/0xa0 [ 96.134264][ T7546] ? bpf_trace_run2+0x1c2/0x590 [ 96.136201][ T7546] bpf_send_signal+0x1d/0x30 [ 96.137998][ T7546] bpf_prog_631417f49dd64198+0x25/0x48 [ 96.140078][ T7546] bpf_trace_run2+0x231/0x590 [ 96.141923][ T7546] ? __pfx_bpf_trace_run2+0x10/0x10 [ 96.143388][ T7546] ? hlock_class+0x4e/0x130 [ 96.144669][ T7546] trace_contention_end.constprop.0+0xf0/0x170 [ 96.146385][ T7546] __pv_queued_spin_lock_slowpath+0x27e/0xc90 [ 96.148094][ T7546] ? __pfx_io_register_file_alloc_range+0x10/0x10 [ 96.150299][ T7546] ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10 [ 96.152742][ T7546] ? lock_acquire.part.0+0x11b/0x380 [ 96.154543][ T7546] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 96.156171][ T7546] do_raw_spin_lock+0x210/0x2c0 [ 96.157608][ T7546] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 96.159290][ T7546] ? lock_acquire+0x2f/0xb0 [ 96.160821][ T7546] ? io_wq_enqueue+0x20a/0xb30 [ 96.162293][ T7546] io_wq_enqueue+0x20a/0xb30 [ 96.163629][ T7546] ? __pfx_io_wq_enqueue+0x10/0x10 [ 96.165143][ T7546] ? __io_import_iovec+0x25f/0x5b0 [ 96.166626][ T7546] ? __pfx_io_wq_work_match_item+0x10/0x10 [ 96.168366][ T7546] ? io_prep_async_work+0x654/0x770 [ 96.170313][ T7546] io_queue_iowq+0x28b/0x5c0 [ 96.172055][ T7546] io_queue_sqe_fallback+0xcd/0x9f0 [ 96.174104][ T7546] ? io_prep_rw+0x565/0xb70 [ 96.175979][ T7546] io_submit_sqes+0x15fe/0x25f0 [ 96.177987][ T7546] __do_sys_io_uring_enter+0xd43/0x1620 [ 96.180241][ T7546] ? __pfx___do_sys_io_uring_enter+0x10/0x10 [ 96.182732][ T7546] ? __ia32_sys_futex_time32+0x1da/0x460 [ 96.185022][ T7546] ? __ia32_sys_futex_time32+0x2fd/0x460 [ 96.187338][ T7546] ? xfd_validate_state+0x5d/0x180 [ 96.189404][ T7546] ? rcu_is_watching+0x12/0xc0 [ 96.191398][ T7546] __do_fast_syscall_32+0x73/0x120 [ 96.193443][ T7546] do_fast_syscall_32+0x32/0x80 [ 96.195247][ T7546] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 96.197632][ T7546] RIP: 0023:0xf7f03579 [ 96.199144][ T7546] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 96.205990][ T7546] RSP: 002b:00000000f503555c EFLAGS: 00000296 ORIG_RAX: 00000000000001aa [ 96.208543][ T7546] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000005951 [ 96.211330][ T7546] RDX: 0000000000007a89 RSI: 0000000000000000 RDI: 0000000000000000 [ 96.213987][ T7546] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 96.216787][ T7546] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 96.219020][ T7546] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 96.221245][ T7546] VM DIAGNOSIS: 21:59:16 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85142e15 RDI=ffffffff9a667240 RBP=ffffffff9a667200 RSP=ffffc90024cbefe0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=722d302e33312e36 R12=0000000000000000 R13=0000000000000066 R14=ffffffff85142db0 R15=0000000000000000 RIP=ffffffff85142e3f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002d40bffc CR3=000000006f694000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fe80fc00 Opmask01=0000000000000000 Opmask02=000000000000ffdf Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd9f021690 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6464646464646464 6464646464646464 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000ff ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff ffffff00ffffff00 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f7379732f002f73 75622f7379732f00 2f6d657473797362 75732f7379732f00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a565c560a000a56 50470a565c560a00 0a484051565c5647 50560a565c560a00 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000000000000040 000000000000312d 352f356273752f30 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ca1015562d71d4e5 0000000555e7b8ef 00000000000000b1 0000000000000030 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000021 0000555e7b8ede50 0000003165730000 307761726469682f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 264c383a3a264f38 3a3a264e383a3a26 49383a3a2648383a 3a2633383a3a2632 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000003 RBX=ffff888069743110 RCX=0000000000000100 RDX=0000000000000001 RSI=ffffffff8b1ccd7d RDI=ffffffff81484a21 RBP=dffffc0000000000 RSP=ffffc9000e147b50 R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff901ce3d7 R11=0000000000000000 R12=0000000000000000 R13=0000000000001893 R14=ffff88802b53fc40 R15=ffffed100d2e8622 RIP=ffffffff8b1cccb7 RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c2a27fe CR3=000000006f694000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000001 RCX=0000000000000000 RDX=1ffff92000d7bf5b RSI=ffffffff8b200130 RDI=ffffc90006bdfad8 RBP=ffffc90006bdfb68 RSP=ffffc90006bdfa68 R8 =ffffc90006bdfb0c R9 =ffffffff915dbcae R10=ffffc90006bdfad8 R11=00000000000a19d4 R12=ffffffff81852e40 R13=ffffc90006bdfad8 R14=0000000000000000 R15=ffff888043f84880 RIP=ffffffff8148eeba RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f0d7c3da280 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055d1905293d8 CR3=0000000000522000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fec0c400 Opmask01=0000000000000000 Opmask02=000000000000ffdf Opmask03=8200002022100080 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555e7b903300 0000555e7b903400 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2f2f2f2f2f2f2f2f 2f2f2f2f2f2f2f2f ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b96366255e02a796 737326285d1a783c ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737373e2 7373737373737373 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 312d352f35627375 2f302e6463685f79 6d6d75642f6d726f 6674616c702f7365 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6f6f742079617272 6120656c75722079 7261726f706d6574 002a3f005b3f2a00 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4a4a51055c445757 440540495057055c 5744574a55484051 000f1a005b1a0f00 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000161 0000000000000040 00007f0d7b00312d 352f356273752f30 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000555e7b931740 0000555e7b8f7420 0000000000000041 000000000000302e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000007801 0000555e7b925ae8 0000003165730000 307761726469682f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 264c383a3a264f38 3a3a264e383a3a26 49383a3a2648383a 3a2633383a3a2632 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000011 RCX=ffffffff815de13d RDX=ffff888025810000 RSI=0000000000000011 RDI=000000000000001e RBP=ffff888025810000 RSP=ffffc9000776fac8 R8 =0000000000000001 R9 =ffffed1004b02000 R10=ffff888025810007 R11=00000000000a2001 R12=ffff88802299ed20 R13=dffffc0000000000 R14=ffffc9000776fc28 R15=0000000000000012 RIP=ffffffff81995190 RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f0d7c3da280 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007fd1dc9cc440 CR3=0000000067eb0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fefffc00 Opmask01=0000000000004211 Opmask02=000000000000ffdf Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd9f0211f0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffff0f0e0d ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00204b4e494c0020 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffffffff ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 726f662027732527 20656c6966207325 2064657461657263 000a73253a47000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 574a430502560002 0540494c43055600 0541405144405746 000a56001f47000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000002e1 0000000000000030 2e6463685f796d6d 75642f6d726f6674 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 ca1015562d71d4e5 0000555b2e68ffb9 00000000000000d1 00003832322e3035 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a263b383a3a263a 383a3a26493b3a3a 26483b3a3a264b3b 3a0a00307f617930 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 264c383a3a264f38 3a3a264e383a3a26 49383a3a2648383a 3a2633383a3a2632 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000