last executing test programs: 1m44.671728725s ago: executing program 1 (id=144): setsockopt$sock_attach_bpf(0xffffffffffffffff, 0x10f, 0x87, 0x0, 0x0) close(0xffffffffffffffff) bpf$ENABLE_STATS(0x20, 0x0, 0x0) r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000780), 0x28ce80, 0x0) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) ioctl$TUNSETIFF(r1, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) close(r0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000500)) ioctl$SIOCSIFHWADDR(r0, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x1c1842, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x7101}) r3 = bpf$PROG_LOAD(0x5, &(0x7f00002a0fb8)={0x1, 0x4, &(0x7f00000004c0)=ANY=[@ANYBLOB="850000002f000000350000000000000085000000080000009500000000000000f4670880271e3503200ffa95a2c81f000000000000006287066c5197fabd5f9810e81ae0b737126ea677dcaeed8d38e65cb6e22ff5dde54704d25c79949c23e2eb15d75da2350ea7c09cc28d7673294f42a5f0a8320e13822c45c0f8612c10b100000000b0d3712c7e93363af3166a32d95433bb755a2dd576090c4867a7b6393e36856386d5ec15beb59686ca7034ff9cd41c03727209d031f40f3012e9576e51a7f550afc852003b2f7846c744ae6af3e4195cc037100324d85cec074c6949e129890152213c8b2759a07e6d067a97f5fe47fe5f17fdab80ef4104dbaba46aa43a815b1e5c6d1d224264be6c4d7f47ef21eb7e46f9aa4a9779f8555eaea768c1f2c221c110ef25253d110ce282ab76f593d928cf957d6be6277c04b8c5324812696a623cd8a4f8dc8dcba00b3b2d27478207993202b7bdbcbf8496b9a951667d5127f5a555c7b88b5c0ba0e37b56c0ebfb19a34268335648e1f844b6518a6ef7297f7b2744419af53e5309ec91d83cf4fbd775d9c07d8d591a4dac60ff0084190000b78863e629c6b2000088b8695eea0000000000000000000000000000000000449c810d3174c87ee545860972ae0c8006ac13f469a171e2cc6001e911eb513029dd293a58832e6a0ef2ccd58fc7974f8eda1e2e48d56c88c8698af62ec4580831f87aafc8428d3c2a4d1398115b9fcca23f5417e7202520b7f00e512890ab043123000000000000000000000000000003bf7a2282b3935270d6293e35079cd03d0986bdae57a687242525b644d5cd9ee5cffe82e347c1b3a889eaba769f72040168327e7b95b8934d0ec15526375a08ddd1ef53fe075e4fe42beb0eef41f9b23b1d06effb7812265d56e59ed8408bd7396da441416d1f2f99731232882194105d"], &(0x7f0000000140)='GPL\x00', 0x0, 0xe0, &(0x7f0000000180)=""/153, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffc1a, 0x0, 0xffffffffffffffff, 0xfffffffffffffef6, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x15) ioctl$TUNSETFILTEREBPF(r1, 0x800454e1, &(0x7f0000000340)=r3) write$cgroup_devices(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="1e040600bc5cb60128876360864666702c1ffe80000000000000", @ANYRESDEC], 0xffdd) 1m43.386103931s ago: executing program 1 (id=153): mknodat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0, 0x0) pipe2$9p(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) write$P9_RVERSION(r1, &(0x7f0000000300)=ANY=[@ANYBLOB="1500000065ffff017f000e0800395032303030"], 0x15) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18, 0x0, 0x0, {0x1}}, 0x18) write$FUSE_DIRENTPLUS(r2, &(0x7f00000003c0)=ANY=[@ANYBLOB="b0"], 0xb0) write$FUSE_GETXATTR(r2, &(0x7f00000000c0)={0x18}, 0x18) r3 = openat$fuse(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) mount$fuse(0x0, &(0x7f0000000100)='./file0\x00', &(0x7f0000000140), 0x0, &(0x7f0000002280)={{'fd', 0x3d, r3}, 0x2c, {'rootmode', 0x3d, 0x8000}}) read$FUSE(r3, &(0x7f0000002300)={0x2020, 0x0, 0x0}, 0x206e) write$FUSE_LK(r2, &(0x7f0000000340)={0x28, 0x0, r4, {{0x2, 0x0, 0x1}}}, 0x28) mount$9p_fd(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080), 0x10, &(0x7f0000000400)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r2}, 0x2c, {[{@cache_fscache}]}}) r5 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x20842, 0x0) write$FUSE_IOCTL(r5, &(0x7f0000000180)={0x20, 0x0, 0x0, {0x6, 0x0, 0x8e4, 0x3}}, 0x20) 1m43.293507998s ago: executing program 1 (id=155): socketpair$unix(0x1, 0x3, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$int_in(r0, 0x5452, 0x0) close(0x3) pipe(0x0) r1 = syz_open_dev$evdev(&(0x7f0000000000), 0x2, 0x80000) syz_usb_disconnect(r1) syz_usb_connect$cdc_ecm(0x0, 0x56, &(0x7f0000000180)=ANY=[@ANYBLOB="120100000200001025050008000001020301090244000101000000090400eb0302060000052406000005240000000d240f01000000000000000000090581030004a7030309058202ff0300000009050302ff"], 0x0) ioctl$EVIOCRMFF(r1, 0x550c, 0x0) r2 = openat(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$FS_IOC_REMOVE_ENCRYPTION_KEY(r2, 0x40086602, 0x0) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN_UNNAMED(0x11, &(0x7f0000000040), 0x10) fcntl$getown(r3, 0x9) syz_usb_connect$cdc_ecm(0x0, 0x5a, &(0x7f0000000f40)=ANY=[], 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, 0x0, 0x0, 0x0, 0x0, 0x0) 1m41.880170957s ago: executing program 1 (id=161): syz_open_dev$loop(&(0x7f00000001c0), 0x75f, 0x103382) mq_open(&(0x7f0000000080)='eth0\x00#\x13\xaeu\xe0\xfbu0*\xf3\x11i\xdd\xd9\xc6\x87\xde\xbf_\xa0\xf6\xdfk\xbf.\"\xa6\xc0#p\xcd\x1c/\xa6\xf2\xbcyL\x85a\xb5\xbb~+>\xbc\x93\xf8\xab\x9a3\x85l\x1d\x15\x11\x1a{@!2\xb6!\xae\xf79k\x90\x88\v8I$\xfdQ\x1d\x90=r\xd8\xc0\xd8\t/\x8dv\xb8\x93\xc3C\xae\x9dc\xd1T\xdd\x14\xd3\xe1\xbe_$A=z\xee\xbd/X\xbemOX)s\x94\xde\xbe_\v\x01\xbe\xeb\xbb\x91\x11z\xc2|d\x1b\x04\xd2\xf9yx\xb2\x1b\bLTrw\x88\x9e0\t\xc6\xe2\x9c\xed\\\xd8[\xc8\x04 \xf3\xac]V\x1d:\xfc\xc3\x9e\x02\ax\xef\xfe\x1c.TT\xcf\xbf\xf5\x80a%\xdcQ\xb3CuT\xcc7\x8avs\xb2\a\xfe\xb3j*\xad\x18I\xcc\xe9\xaa{]\xef\xb7\xf2\xee*\xf95\bJt\xd0s\xc4\xaa\xc8\x13~\xb2\xf20\xbdf\xdb\xaeG\xe3\xfb\xef\x94\xef:Q\x1b\xe3\xa3\xa4}\xef`e\xcdL\xab\xdb\r\xf2y\x9fg1\xf4\t\x18i/!\x13\xf1,\x8cu\xaa\xbf~)\x94\x1b2\x93\x86\xe7\x9a\xf2j\xa8\x96\xa6\xa2\xfcN\x81\xafTh\xb3\x1bo:\xe8\vq7S\xe4H\xf3L\xa0\x9c\x97B\x12\x10\x9d\xaa\x7fq\x06\xb9(\xf6\x1c\x83\xb1J\xec\x926\xb5a0\xa0B\xae|', 0x40, 0x0, 0x0) r0 = syz_usb_connect(0x0, 0x36, &(0x7f00000000c0)=ANY=[@ANYBLOB="120100008010bd40820514009dbb0000000109022400011b00000009040000022a3e740009058bff7f0000100109050b"], 0x0) syz_open_dev$midi(&(0x7f0000000000), 0x3, 0x88c02) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$bind(&(0x7f0000000000)='.\x00', &(0x7f00000000c0)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mount$afs(0x0, &(0x7f0000000380)='./file0/file0\x00', &(0x7f00000003c0), 0x0, &(0x7f0000000400)={[{@dyn}]}) mount$afs(0x0, &(0x7f0000000380)='./file0/file0\x00', &(0x7f00000003c0), 0x0, &(0x7f0000000400)={[{@dyn}]}) epoll_create1(0x80000) syz_usb_disconnect(r0) socket$xdp(0x2c, 0x3, 0x0) openat$vcsa(0xffffffffffffff9c, &(0x7f0000000180), 0x0, 0x0) openat$hpet(0xffffffffffffff9c, &(0x7f0000000040), 0x2040, 0x0) pselect6(0x40, &(0x7f00000001c0), 0x0, &(0x7f00000002c0)={0x3ff}, 0x0, 0x0) 1m40.463393051s ago: executing program 1 (id=164): r0 = socket$unix(0x1, 0x2, 0x0) bind$unix(r0, &(0x7f00000006c0)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket$unix(0x1, 0x2, 0x0) connect$unix(r1, &(0x7f0000000080)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) recvfrom$unix(r1, 0x0, 0x0, 0x0, 0x0, 0x0) connect$unix(r1, &(0x7f0000000340)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r2 = bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x16, 0x0, 0x4, 0x8001, 0x0, 0x1, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000003c0)={{r2}, 0x0, &(0x7f0000000040)}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r3 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r3}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) futex(&(0x7f000000cffc)=0x1, 0x6, 0x0, 0x0, 0x0, 0xfff0) 1m40.143168117s ago: executing program 1 (id=167): r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x80000000000001, 0x0, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x50) syz_emit_ethernet(0x8e, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000010300)=[{0x0}, {0x0}, {&(0x7f0000010380)=""/47, 0x2f}], 0x3) bind$rds(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2) socket$netlink(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) 1m40.110512764s ago: executing program 32 (id=167): r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x80000000000001, 0x0, 0x2, 0x0) setsockopt$EBT_SO_SET_ENTRIES(0xffffffffffffffff, 0x0, 0x80, 0x0, 0x50) syz_emit_ethernet(0x8e, 0x0, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) preadv(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) r1 = syz_io_uring_setup(0x4b5, &(0x7f0000010400)={0x0, 0x86e1, 0x1, 0x8}, &(0x7f0000010080), &(0x7f0000000000)) io_uring_register$IORING_REGISTER_BUFFERS(r1, 0x0, &(0x7f0000010300)=[{0x0}, {0x0}, {&(0x7f0000010380)=""/47, 0x2f}], 0x3) bind$rds(0xffffffffffffffff, &(0x7f0000000000)={0x2, 0x0, @local}, 0x10) syz_open_dev$vim2m(&(0x7f0000000040), 0x7, 0x2) socket$netlink(0x10, 0x3, 0x0) socket$inet_udp(0x2, 0x2, 0x0) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) 5.089145835s ago: executing program 4 (id=569): r0 = socket(0x10, 0x3, 0x0) socket$packet(0x11, 0x2, 0x300) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) open(&(0x7f0000000000)='./bus\x00', 0x60942, 0x0) openat$fuse(0xffffffffffffff9c, 0x0, 0x42, 0x0) r2 = dup(r1) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) sendmsg(0xffffffffffffffff, 0x0, 0x24008081) r3 = openat$full(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) readv(r3, &(0x7f0000003400)=[{&(0x7f0000001080)=""/107, 0x7ffff000}, {&(0x7f0000004c00)=""/4096, 0x1000}], 0x2) getsockopt$bt_hci(0xffffffffffffffff, 0x84, 0x72, &(0x7f0000000080)=""/4057, 0x0) sendmsg$nl_route_sched(r0, 0x0, 0x0) 4.582817792s ago: executing program 4 (id=572): semctl$IPC_STAT(0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) mount$binder(0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000780)=ANY=[]) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) mkdir(0x0, 0x0) mkdir(0x0, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)={[{@upperdir={'upperdir', 0x3d, './file1'}}]}) bpf$ENABLE_STATS(0x20, 0x0, 0x0) 3.762806136s ago: executing program 0 (id=578): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) socket$inet6_sctp(0xa, 0x5, 0x84) setsockopt$netlink_NETLINK_TX_RING(0xffffffffffffffff, 0x10e, 0xc, &(0x7f00000002c0)={0x2, 0x0, 0x40000002}, 0x10) ioctl$UI_DEV_CREATE(0xffffffffffffffff, 0x5501) r2 = openat$procfs(0xffffffffffffff9c, &(0x7f00000000c0)='/proc/partitions\x00', 0x0, 0x0) r3 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r3, r2, &(0x7f0000002080)=0x3a, 0x7) syz_pidfd_open(0x0, 0x0) syz_open_dev$tty1(0xc, 0x4, 0x4) syz_genetlink_get_family_id$net_dm(&(0x7f0000000000), 0xffffffffffffffff) sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, 0x0, 0x0) sendmsg$NET_DM_CMD_STOP(0xffffffffffffffff, 0x0, 0x8894) 3.380118492s ago: executing program 4 (id=579): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103) name_to_handle_at(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)=@FILEID_UDF_WITH_PARENT={0x14}, &(0x7f0000002300), 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY_LEVEL(r6, 0x0, 0x2, &(0x7f0000000000)=0xffffffffffffffff, 0x4) recvmmsg(r6, &(0x7f0000002380)=[{{0x0, 0x0, 0x0}, 0x1000}], 0x1, 0x100, &(0x7f0000002400)={0x77359400}) 3.369175767s ago: executing program 3 (id=580): syz_emit_ethernet(0x0, 0x0, 0x0) r0 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$batadv(0x0, 0xffffffffffffffff) sendmsg$BATADV_CMD_GET_MCAST_FLAGS(r1, &(0x7f0000000700)={&(0x7f0000000600)={0x10, 0x0, 0x0, 0x4}, 0xc, &(0x7f00000006c0)={&(0x7f0000000680)={0x24, r2, 0x206, 0x70bd26, 0x25dfdbfb, {}, [@BATADV_ATTR_MULTICAST_FANOUT={0x8, 0x3c, 0x40}, @BATADV_ATTR_THROUGHPUT_OVERRIDE={0x8, 0x3b, 0xf9c085fa}]}, 0x24}, 0x1, 0x0, 0x0, 0x2850}, 0x4040005) ioctl$F2FS_IOC_MOVE_RANGE(r0, 0xc020f509, &(0x7f0000000080)={r0, 0x6cc80, 0x80000000, 0x7fffffffffffffff}) setsockopt$bt_BT_DEFER_SETUP(r3, 0x112, 0x7, &(0x7f0000000100)=0x1, 0x4) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$devlink(&(0x7f0000000040), 0xffffffffffffffff) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x4, 0xe, &(0x7f0000001340)=ANY=[@ANYBLOB="b702000000000000bfa300000000000007030000ffffffff7a0af0fff8ffff5979a4f0ff00000000b7060000ffffffff2d6405000000000065040400014741001404000001007d60b7030000000000006a0a00fe40000900850000001f000000b70000000004000095000000000000006623848adf1dc9a7645100b2ffbdb0ab51a064e0ff0c9b27a26293fddf0180000071ff31f1622271d5518193e09483c5a020c334f8c76334d8ce8303b01ddaa52e8756ad60a07d6f27c125e16d024098f755d8583da60f27c162dbba0700002ac9170f50f2568836077b7f711a18ebf608d87b885297b6a79819782748b376358c33c9f53bfd989b1ca58949a54d5827df14faecea46408a05d572077f1252fbb72c3d099c501bc4ded6fca17a3447222c95edb47b77aafa63b9dd5fa5c53e9cf53ce129a9ecd3b4dd15100f2b450f98526a0d8cac7c97fc2f64015306a1bd7e43fe1ca8345710fb6379b4c53cf55eefb4c0974486a8d25a363adbd83b49e13fbd1777b27020bd9b8cff3f48c9411670c34f23ab8caf7851b290feb3045a1b622f20c4383a0280f040de7667f8b1d0842835e81c358ebe73af41e5b5b924275cb1749289b44e9728e7a73f148ac8206afe120c1437490d99000000110000fdffffffffffffffaf580278e1342aabd1b623f6c4f128858e4eb6b42f2173184c2b99b645f6ec0e14e5d7c95a0008000000f30f6c0000000000ff0000b8f5001a1d2a34dc0973ec302bc23211d3e3b6e6dad65a51e5497a3419cecec38126247b2f113ad4c7915c8f82c333a7b350802f03b0057010d1ed50c18411aa6900daccc02f4ba4b078f07e41f781eee222c7d071d5a94d82ca9a0846c1af59cee16639b4970f8f0a82c6a712fd5722d637d406160ffaffffffb4e0bde6749aa52c408b74251914c5d3255fd88a42e7ebb69ebcd8eee623e51dbb1f1b548c91a6825c0686fdc16be1cbb72c217fda18bd746253ca66093daf35923300b600000000ac376e0a4649a8a84e1d293a6b109c5e59b366bca5cc3d936c53d4a48c05099e6fc36d5aa23bff8cce0600fcff00000300a568a8532623d12b40b50ac26f2e8255470a04bfbe7acb581b90991d965a01d1f84cb6b973558e1e3f8118c77ccf0b3c6eb6443870004da10c75723b65f83769ad1f0e4ef6b9ef1cec23264fd8fdac6264af1cb467020bdc12b797b6c156c439105829d2ae1c45f7cfa40df68fd36a03353a55a8a89b60317cd78ea1dc8e0f77f2c1e68ec7c01bd5a2028a8fc107007f3deb1f200abe1f753754678dae8b4e3ba3d086d4b95dfc5817e3dafae2d38b522f842cc750399d90296171fdb1e05882f8a4b8fbd219ccac3a895828b4f22b6527ce31ceb02b7b2beaf4510134552f0b076b168394f8417f25cc82ae04007193cbe69de8bf35e4bebd15412426b2e20ab1f05fc44be9ae094c1b81d3ef947692b44d2afb09c7498dedf0f87c38bbcab7357836f03e8a7c392e535694a3ead2de11e6b1781e2a018c0ada7bc7f0eb2d678f23c07ac341fda2e563ee95085742f5fee9f95f4741b226e428d20b00bc140000e4b2f5efd0a0b1ceba000830ba8634b5aa26bdbe91614e92fae3c7349531df9bf4c01ebf5d8eb7d53e5f30647661623fbdb3f60033fc32f68ea86a2df1e76fe27dfdff1cf9194849c4cc0da9533e5983693e526a7dc0d8728f3b573ca4427bdb44df9341e9b8050e896598a156c935c800436a312e7ae3c011e46851ac599f0427729ab9c55ae0ab4c0000000000000000000000000000c87bcc2ac5aed9247b51d92e0993af4beaf1f3f47dcdfab9165f98155d93e383d6b85158b54675c1585037508c1e9461a1c3d1a6e2002045cae150a7016f1a90716eebbdf6afc4414d900be0bdf19f4a273f44f4357380b4387f1c8b104f0e406b2f04e5ed8c631be6411f9927fe9f6b43ec83412b7c5a676ceec8b454ebf6481c98e86b6933a02daea0b4ec0be5b3d916bd70208b4588626c277648475002e2c62681bd07331422a6e47bbd40857d52c4894944fae5c500000000000000ff00000000de784314b8fd419216b48d0f353c11ae185749fa9ac7dfa16bc5c23a23f74b17a7f1b2d799480f33faa3537a910d6ca02f48b0e69beb1119f106ea5919ffff72e17a5dc8c3d131d82f067e29dc39665dff39fb6347b374aaaf6e65efde3fc6202bf29ccfcb08caf18d668a462493aa82e76affba9c9af31d1c23237aa6eccfadfaf794bb1004c07b21ac6ed77718098b2f722bd05fea3561b86b2838a8de5b4f91d6aba95dc9f4464a024be4d0d8d04f5023e7e19e503624d39a43c7b310de519b40738ff9a623065c06d69d16d4a46ff300022fee47803989b7e916254e0fb9e1c8b07d8a4b8b692a75a32e6ed2caeaa7c258c47fe6143cd9e90b801eff78cd4e402374e0e4ca07b7f17254e3d2f0a2a1bac6fde8a15e3ef3588065524d41966fb3915e804c53201efee751ec294584d23d9008bdf046f55c030ab941a0b8723412127efb3eac0ccf68133c76770d5e7dabcc48d47685404cc540535ed70df75c24660d85f9c9a245185c7da217d1c3743db85db67b9b8a8f00af02367429f6f0b53c169c4356751bf68745dbde055e1722ae256ae53ae637a1431855d16dfa91d82a021a4b2dbb50bf6d59fdd0c9bc84cd7d544de2523b6ce8aaeb94bfba75079f7455204ccca02bd389d8409b2effe9b88e301ac4fe28752386a0678a3f54b2bdf56f927ddd6b0ac98b2b505f668597455ada51ba95ab852b49373a11ff153d20f3681f7a3a31dcd82474b51498f65e0601bcdd23acb4c01bcd2f3e1ad378d14c07d923087d3518369710b70ffb0b523dc4f00f275c381fe1c091e478b04d5e4a9f75b4072acb005a83c25625ab7a351a68977177e27a1bf112114eb10250c2b9dca234f8967f0439696a2345e747b5f1d8c4bec86d8e8f2eb121ea0159615e7d475d45837921c2c0c3f9e683ac8000214a657c9f5cb6dbb714487a9145e9d2918846e78072e0b8f6df849e7f5e3c7e92292c858570d210720102d509083e7af826d9d9f5e4fb389d782e26f243be0c05b9c60383ad28ea3d21466c8d87a4c9cf649315fbd62a6aa4188abb6d8d42785a4ae50157d76efb9c8df83b1c35daad5afaebc7756af1b80d92e8f96a6332e429f6939c230169307e92acd283063304bf6243a0e1f5487bbd54da9fed9bee94d374cc55333fb5c4760cc9ba610937c0f107ef6fbad781863a56897c93c7de1defeaefcef70692d3a8bbf7a4364eac7d608c69caec0f4df2"], &(0x7f0000000340)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000880), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x49) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000300)={r6, 0xe0, &(0x7f0000000480)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x10) r8 = bpf$BPF_PROG_GET_FD_BY_ID(0xd, &(0x7f00000000c0)={r7}, 0x4) bpf$BPF_GET_PROG_INFO(0xf, &(0x7f0000000840)={r8, 0xe0, &(0x7f0000000440)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffd6e, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x4) bpf$MAP_CREATE(0x0, &(0x7f0000000280)=ANY=[@ANYBLOB="0100000004000000040000000100000000000000", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=r9], 0x50) sendmsg$DEVLINK_CMD_RATE_NEW(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000380)={&(0x7f0000000300)={0x34, r5, 0x1, 0x0, 0x1, {0x25}, [@handle=@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}]}, 0x34}}, 0x4040004) 3.270234316s ago: executing program 0 (id=582): r0 = openat$kvm(0x0, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) dup(r2) syz_io_uring_setup(0x235, &(0x7f00000002c0)={0x0, 0x4533, 0x10100, 0x0, 0x2b1}, &(0x7f0000000180), &(0x7f0000000340)) bpf$MAP_CREATE(0x0, 0x0, 0x48) syz_open_dev$sndctrl(&(0x7f0000000080), 0x0, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0x3, &(0x7f0000000200)=@framed, &(0x7f00000003c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='contention_end\x00', r3}, 0x10) openat$sndseq(0xffffffffffffff9c, 0x0, 0x40002) r4 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) r5 = mmap$KVM_VCPU(&(0x7f0000009000/0x1000)=nil, 0x930, 0x280000f, 0x11, r4, 0x0) syz_memcpy_off$KVM_EXIT_HYPERCALL(r5, 0x20, &(0x7f00000000c0)="35ba658a487c56c733e03c24ecd8dc66ff00800000000059040000f50014cc08001e0600fcffffff00012000", 0x0, 0xfffffffffffffd09) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0x0, 0x9032, 0xffffffffffffffff, 0x0) mmap$KVM_VCPU(&(0x7f0000ec1000/0x1000)=nil, 0x930, 0xf, 0x9032, 0xffffffffffffffff, 0x0) 2.929664856s ago: executing program 3 (id=584): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r1 = openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x1000002, 0x200000005c831, 0xffffffffffffffff, 0x0) sendmsg$IPSET_CMD_CREATE(r1, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)=ANY=[@ANYRES16=r0, @ANYRESHEX=r1, @ANYRES64=r1], 0x28}}, 0x110) io_uring_register$IORING_REGISTER_FILES(r1, 0x2, &(0x7f00000000c0)=[r1, r1], 0x2) openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x90000) r2 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @remote}, 0xc) r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0) r4 = ioctl$KVM_CREATE_VCPU(r3, 0xae41, 0x2) ioctl$KVM_SET_USER_MEMORY_REGION(r3, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x800100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x3, 0x0, 0x0, 0x1], 0x18000, 0x200080}) ioctl$KVM_RUN(r4, 0xae80, 0x0) ioctl$KVM_SET_REGS(r4, 0x4090ae82, &(0x7f00000002c0)={[0x0, 0x0, 0x20000000, 0x0, 0x3, 0x8000000000000000, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff]}) ioctl$KVM_RUN(r4, 0xae80, 0x0) 2.827109825s ago: executing program 0 (id=585): mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdir(&(0x7f00000004c0)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f0000000140)='./bus\x00', &(0x7f0000000000), 0x0, &(0x7f0000000180)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) r0 = openat$dir(0xffffffffffffff9c, &(0x7f00000000c0)='./file0\x00', 0x0, 0x0) mknodat(r0, &(0x7f00000003c0)='./file0\x00', 0x0, 0x0) chdir(&(0x7f00000000c0)='./bus\x00') r1 = openat(0xffffffffffffff9c, &(0x7f0000000040)='.\x00', 0x0, 0x0) mkdir(&(0x7f0000000240)='./bus\x00', 0x0) chdir(&(0x7f00000003c0)='./bus\x00') renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus/file0\x00', 0x0) r2 = open(&(0x7f00000000c0)='.\x00', 0x0, 0x0) getdents(r2, &(0x7f0000000300)=""/104, 0x68) rename(&(0x7f0000000080)='./file0\x00', &(0x7f0000000100)='./bus\x00') getdents(r2, 0x0, 0x0) 2.819643496s ago: executing program 3 (id=586): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) dup(r0) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[@ANYBLOB="1f00000000000000", @ANYRES32=0x1, @ANYRES32=0x0], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bind$alg(0xffffffffffffffff, &(0x7f0000001cc0)={0x26, 'hash\x00', 0x0, 0x0, 'blake2b-384\x00'}, 0x58) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) io_uring_enter(0xffffffffffffffff, 0x8aa, 0x0, 0x0, 0x0, 0x0) pipe(&(0x7f00000000c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RGETLOCK(r3, &(0x7f00000002c0)=ANY=[], 0x200002e6) fcntl$setpipe(r3, 0x407, 0x7000000) 2.394481982s ago: executing program 4 (id=587): socket$packet(0x11, 0x3, 0x300) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) openat$fuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x2, 0x288}, &(0x7f0000000300)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) 2.394060764s ago: executing program 0 (id=589): semctl$IPC_STAT(0x0, 0x0, 0x2, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) mount$binder(0x0, 0x0, &(0x7f0000000140), 0x0, &(0x7f0000000780)=ANY=[]) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, &(0x7f0000000040)={0x1, &(0x7f0000000000)=[{0x6, 0x0, 0x0, 0x7fc00100}]}) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) mkdir(0x0, 0x0) mkdir(0x0, 0x0) mount$overlay(0x0, 0x0, 0x0, 0x0, &(0x7f0000000a00)={[{@upperdir={'upperdir', 0x3d, './file1'}}]}) bpf$ENABLE_STATS(0x20, 0x0, 0x0) 2.380026522s ago: executing program 3 (id=590): ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) ioctl$TUNGETIFF(0xffffffffffffffff, 0x800454d2, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_usb_connect(0x0, 0x2d, &(0x7f0000000180)=ANY=[@ANYBLOB="1201fb0019030320d812010079de01ec020109021b0001000003000904000001785ecc00090585020004"], 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x0) setsockopt$packet_int(0xffffffffffffffff, 0x107, 0x17, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r1, &(0x7f0000000200)=""/128, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) bpf$TOKEN_CREATE(0x24, 0x0, 0x0) setsockopt$inet6_IPV6_FLOWLABEL_MGR(0xffffffffffffffff, 0x29, 0x20, 0x0, 0x0) fcntl$setsig(0xffffffffffffffff, 0xa, 0x21) creat(0x0, 0x5f253f32b6f60b5a) close_range(r0, 0xffffffffffffffff, 0x0) 2.116961314s ago: executing program 2 (id=592): iopl(0x3) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mq_open(&(0x7f000084dff0)='rmdF\x17\x16\xbc\xec', 0x6e93ebbbcc0884f2, 0x0, &(0x7f0000000040)={0x0, 0x6, 0x101}) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) bind$inet(0xffffffffffffffff, &(0x7f0000000200)={0x2, 0x4e20, @empty}, 0x10) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0xf, 0x0, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f0000000080)=ANY=[@ANYBLOB="180000000100000000000000e9ff000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x10) fgetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0) bind$inet(0xffffffffffffffff, 0x0, 0x0) connect$inet(0xffffffffffffffff, 0x0, 0x0) syz_open_procfs(0x0, 0x0) io_setup(0x8, &(0x7f0000004200)=0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') io_submit(r1, 0x1, &(0x7f0000004540)=[&(0x7f0000004280)={0x0, 0x0, 0x0, 0x5, 0x0, r2, 0x0}]) 2.029510562s ago: executing program 4 (id=593): r0 = gettid() timer_create(0x0, &(0x7f0000000140)={0x0, 0x21, 0x800000000004, @tid=r0}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000000)={{0x0, 0x989680}, {0x0, 0x3938700}}, 0x0) r1 = syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) bind$bt_sco(r1, &(0x7f0000000040)={0x1f, @fixed}, 0x8) listen(r1, 0x0) accept4(r1, 0x0, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x1) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, 0x0) sched_setscheduler(0x0, 0x2, 0x0) socket(0x1, 0x803, 0x0) 1.891283898s ago: executing program 2 (id=594): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f00000001c0)={&(0x7f0000000100)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x3c, 0x3c, 0x4, [@struct={0xe, 0x2, 0x0, 0x4, 0x1, 0x9f1e, [{0x7, 0x0, 0xfffffff9}, {0x4, 0x5, 0x7}]}, @struct={0xc, 0x1, 0x0, 0x4, 0x1, 0x5, [{0x10, 0x3, 0xa44edb1d}]}]}, {0x0, [0x30, 0x5f]}}, &(0x7f0000000300)=""/238, 0x58, 0xee, 0x1, 0x3, 0x0, @void, @value}, 0x20) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x18, 0x3b, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, 0x0, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0xffffffffffffff0a) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10) socket$kcm(0x10, 0x2, 0x10) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x48241, 0x0) ioctl$TUNSETIFF(r2, 0x400454ca, &(0x7f00000000c0)={'syzkaller1\x00', 0x6bf1c2d5adba8c32}) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000240)=@framed={{}, [@printk={@ld, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x70}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)='ramfs\x00', 0x0, 0x0) chdir(&(0x7f0000000240)='./file0\x00') mkdir(&(0x7f0000000000)='./control\x00', 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000300)=@newlink={0x50, 0x10, 0x401, 0x0, 0x80000000, {}, [@IFLA_IFNAME={0x14, 0x3, 'ipvlan1\x00'}, @IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_FLAGS={0x6, 0x2, 0x1}]}}}]}, 0x50}}, 0x0) open$dir(&(0x7f00000002c0)='./control/file0\x00', 0x80040, 0x0) rmdir(&(0x7f0000000040)='./control\x00') 1.762491376s ago: executing program 2 (id=595): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000140), 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r2 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0x1ffffe, 0x10100, 0x0, 0x0, 0x0, r1}, &(0x7f0000000180)=0x0, &(0x7f00000001c0)=0x0) syz_io_uring_submit(r3, r4, &(0x7f0000000040)=@IORING_OP_POLL_ADD={0x6, 0x2, 0x0, @fd_index=0x4, 0x0, 0x0, 0x0, {}, 0x1}) io_uring_enter(r2, 0x2ded, 0x4000, 0x0, 0x0, 0x0) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) mknodat$null(0xffffffffffffff9c, 0x0, 0x0, 0x103) name_to_handle_at(0xffffffffffffff9c, 0x0, &(0x7f00000000c0)=@FILEID_UDF_WITH_PARENT={0x14}, &(0x7f0000002300), 0x0) r5 = socket$inet6_udp(0xa, 0x2, 0x0) connect$pppl2tp(0xffffffffffffffff, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, r5, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r6 = syz_init_net_socket$802154_dgram(0x24, 0x2, 0x0) setsockopt$WPAN_SECURITY_LEVEL(r6, 0x0, 0x2, &(0x7f0000000000)=0xffffffffffffffff, 0x4) recvmmsg(r6, &(0x7f0000002380)=[{{0x0, 0x0, 0x0}, 0x1000}], 0x1, 0x100, &(0x7f0000002400)={0x77359400}) 1.472142706s ago: executing program 0 (id=596): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="f573497ce91739bf0a012d26b4f053142b4a8ef36f2244981d4fb7e42c1524e763f63c3e521725232c30626ec681704494a1001970e09196ca2b352a"], 0x48) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000280)={&(0x7f0000000000)=ANY=[@ANYBLOB="9feb010018000000000000003000000030000000020000000000000001000004080000000000000002000000200000000000000000000009030000000000000000000004"], 0x0, 0x4a, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x20) openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) 925.844499ms ago: executing program 3 (id=597): set_mempolicy(0x6, &(0x7f00000003c0)=0x8000000000000001, 0xe0) madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0xe) mremap(&(0x7f0000a96000/0x1000)=nil, 0x1000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) kcmp(0x0, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) r0 = getpid() bpf$MAP_CREATE(0x0, &(0x7f0000001980)=ANY=[], 0x50) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(0xffffffffffffffff, &(0x7f000057eff8)=@abs, 0x6e) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) capget(&(0x7f0000000240)={0x20071026, r0}, &(0x7f0000000340)={0x4d731119, 0x6, 0x0, 0x5, 0x8, 0xffff}) mremap(&(0x7f000020e000/0x2000)=nil, 0x2000, 0x400000, 0x3, &(0x7f000082a000/0x400000)=nil) mbind(&(0x7f0000400000/0xc00000)=nil, 0xc01100, 0x0, 0x0, 0x0, 0x2) 879.164448ms ago: executing program 2 (id=598): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x0, 0x4, &(0x7f0000000040)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f00000001c0)='blkio.bfq.io_wait_time_recursive\x00', 0x275a, 0x0) fcntl$lock(0xffffffffffffffff, 0x0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x8000040000000001, 0xffffffffffffffff}) write$binfmt_script(r2, 0x0, 0x0) syz_emit_vhci(&(0x7f00000005c0)=@HCI_EVENT_PKT={0x4, @hci_ev_link_key_req={{0x17, 0x6}}}, 0x9) syz_emit_vhci(&(0x7f0000000600)=@HCI_EVENT_PKT={0x4, @hci_ev_qos_setup_complete={{0xd, 0x14}, {0x5, 0xc8, {0x1, 0x7, 0x5, 0x400, 0x8d29}}}}, 0x17) connect(0xffffffffffffffff, &(0x7f0000000680)=@ax25={{0x3, @bcast, 0x2}, [@bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @null, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @null, @bcast, @default]}, 0x80) syz_emit_vhci(&(0x7f0000001800)=@HCI_EVENT_PKT={0x4, @hci_ev_disconn_complete={{0x5, 0x4}, {0x0, 0xc9, 0x9}}}, 0x7) ioctl$SNDRV_SEQ_IOCTL_QUERY_NEXT_PORT(0xffffffffffffffff, 0xc0bc5310, &(0x7f0000000100)={{}, 'port0\x00'}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x28011, r2, 0x0) preadv(r2, &(0x7f00000015c0), 0x0, 0x0, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000000000/0x18000)=nil, &(0x7f0000000140)=[@text64={0x40, 0x0}], 0x1, 0x64, 0x0, 0x0) 818.510894ms ago: executing program 4 (id=599): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, 0x0) getpid() r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000300)=ANY=[@ANYBLOB="18010000120000000000000000000000850000006d000000180100002020642500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000000600000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000240)={&(0x7f00000001c0)='contention_end\x00', r0}, 0x18) socket$nl_generic(0x10, 0x3, 0x10) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r4 = ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x200) 746.458992ms ago: executing program 2 (id=600): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) r0 = io_uring_setup(0x6281, &(0x7f0000000080)) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) r3 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$KVM_CREATE_VM(r3, 0xae01, 0x0) r4 = syz_open_procfs$pagemap(0xffffffffffffffff, &(0x7f0000000000)) ioctl$PAGEMAP_SCAN(r4, 0xc0606610, &(0x7f00000001c0)={0x60, 0x1, &(0x7f0000ff9000/0x4000)=nil, &(0x7f0000ffc000/0x4000)=nil, 0x0, 0x0}) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0) pipe(0x0) io_uring_register$IORING_REGISTER_BUFFERS(r0, 0x0, &(0x7f00000002c0)=[{&(0x7f0000001700)=""/4095, 0x440000}], 0x100000000000011a) mbind(&(0x7f0000001000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0, 0x2) madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x15) sendmsg$ETHTOOL_MSG_PAUSE_SET(0xffffffffffffffff, 0x0, 0x0) 652.570719ms ago: executing program 3 (id=601): r0 = socket$inet6(0xa, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x20000000) setsockopt$inet6_MCAST_JOIN_GROUP(r0, 0x29, 0x2a, &(0x7f0000000080)={0x0, {{0xa, 0x1, 0x0, @mcast2}}}, 0x84) setxattr$trusted_overlay_redirect(0x0, 0x0, 0x0, 0x0, 0x0) r1 = syz_usb_connect$hid(0x0, 0x36, 0x0, 0x0) syz_usb_control_io(r1, &(0x7f00000003c0)={0x18, &(0x7f0000000040)={0x0, 0x0, 0x2, {0x2}}, 0x0, 0x0, 0x0, 0x0}, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r3 = dup(r2) write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd2c) r4 = socket$kcm(0x29, 0x2, 0x0) r5 = memfd_create(&(0x7f0000000000)='e\xf4E\x88-\x00', 0x0) syz_open_dev$dri(0x0, 0x1f, 0x0) syz_open_dev$dri(0x0, 0x1f, 0x0) pwritev(r5, &(0x7f0000000040)=[{&(0x7f0000000480)="db", 0x1}], 0x1, 0x4000001, 0x0) sendfile(r4, r5, 0x0, 0x8000fb00) 541.963387ms ago: executing program 0 (id=602): socket$packet(0x11, 0x3, 0x300) syz_genetlink_get_family_id$nl80211(&(0x7f00000000c0), 0xffffffffffffffff) openat$fuse(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000008002b000000000000000018040000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000002000000b704000000000000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000400)={&(0x7f00000003c0)='sched_switch\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) sendto(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) r3 = syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x7079, 0x0, 0x2, 0x288}, &(0x7f0000000300)=0x0, &(0x7f0000000200)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r3, 0x3516, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 2 (id=603): bind$alg(0xffffffffffffffff, 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) fsetxattr(0xffffffffffffffff, &(0x7f0000000040)=@known='trusted.overlay.impure\x00', 0x0, 0x0, 0x2) r0 = syz_open_dev$sndmidi(0x0, 0x2, 0x141101) r1 = dup(r0) write$6lowpan_enable(r1, 0x0, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, &(0x7f0000000080)=0xfffffff8, 0x0, 0x4) socketpair$nbd(0x1, 0x1, 0x0, 0x0) ioctl$sock_ipv4_tunnel_SIOCADDTUNNEL(r1, 0x89f1, &(0x7f00000001c0)={'gretap0\x00', &(0x7f00000000c0)={'sit0\x00', 0x0, 0x80, 0x8, 0xef, 0xd90, {{0x9, 0x4, 0x0, 0x16, 0x24, 0x67, 0x0, 0x0, 0x2f, 0x0, @loopback, @rand_addr=0x64010102, {[@end, @end, @generic={0x7, 0xc, "cc090ecdc0ec50d0f63e"}]}}}}}) syz_io_uring_submit(0x0, 0x0, &(0x7f00000004c0)=@IORING_OP_RECV=@pass_buffer={0x1b, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x1}) ioctl$VFAT_IOCTL_READDIR_BOTH(r1, 0x82187201, 0x0) r2 = getpid() process_vm_readv(r2, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x8) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x15) io_uring_enter(0xffffffffffffffff, 0x8aa, 0x0, 0x0, 0x0, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:13064' (ED25519) to the list of known hosts. [ 32.162699][ T5850] cgroup: Unknown subsys name 'net' [ 32.309798][ T5850] cgroup: Unknown subsys name 'cpuset' [ 32.313860][ T5850] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 33.157864][ T5850] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 35.413951][ T5930] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 35.417373][ T5930] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 35.420072][ T5930] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 35.422398][ T5930] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 35.424944][ T5930] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 35.427108][ T5930] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 35.429851][ T5930] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 35.433689][ T5930] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 35.434900][ T5934] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 35.436088][ T5930] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 35.440157][ T5934] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 35.442299][ T5930] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 35.444254][ T5934] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 35.445879][ T5930] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 35.448685][ T5934] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 35.453106][ T65] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 35.457967][ T5939] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 35.459592][ T65] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 35.462131][ T65] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 35.465099][ T5942] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 35.467355][ T65] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 35.467687][ T5942] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 35.473435][ T65] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 35.476541][ T5935] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 35.647799][ T5928] chnl_net:caif_netlink_parms(): no params data found [ 35.689373][ T5929] chnl_net:caif_netlink_parms(): no params data found [ 35.745170][ T5940] chnl_net:caif_netlink_parms(): no params data found [ 35.751062][ T5936] chnl_net:caif_netlink_parms(): no params data found [ 35.822464][ T5928] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.825180][ T5928] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.828560][ T5928] bridge_slave_0: entered allmulticast mode [ 35.830609][ T5928] bridge_slave_0: entered promiscuous mode [ 35.843697][ T5929] bridge0: port 1(bridge_slave_0) entered blocking state [ 35.845641][ T5929] bridge0: port 1(bridge_slave_0) entered disabled state [ 35.847706][ T5929] bridge_slave_0: entered allmulticast mode [ 35.849822][ T5929] bridge_slave_0: entered promiscuous mode [ 35.853248][ T5929] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.855503][ T5929] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.857787][ T5929] bridge_slave_1: entered allmulticast mode [ 35.860456][ T5929] bridge_slave_1: entered promiscuous mode [ 35.877832][ T5928] bridge0: port 2(bridge_slave_1) entered blocking state [ 35.880024][ T5928] bridge0: port 2(bridge_slave_1) entered disabled state [ 35.882607][ T5928] bridge_slave_1: entered allmulticast mode [ 35.885634][ T5928] bridge_slave_1: entered promiscuous mode [ 35.985666][ T5929] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 35.999498][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.002086][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.004296][ T5940] bridge_slave_0: entered allmulticast mode [ 36.006552][ T5940] bridge_slave_0: entered promiscuous mode [ 36.010200][ T5928] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 36.021916][ T5929] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.032455][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.034347][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.036211][ T5940] bridge_slave_1: entered allmulticast mode [ 36.038499][ T5940] bridge_slave_1: entered promiscuous mode [ 36.050955][ T5928] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.100517][ T5936] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.102514][ T5936] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.105087][ T5936] bridge_slave_0: entered allmulticast mode [ 36.109262][ T5936] bridge_slave_0: entered promiscuous mode [ 36.111784][ T5936] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.113842][ T5936] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.115738][ T5936] bridge_slave_1: entered allmulticast mode [ 36.118005][ T5936] bridge_slave_1: entered promiscuous mode [ 36.121753][ T5929] team0: Port device team_slave_0 added [ 36.135490][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 36.139309][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.144618][ T5928] team0: Port device team_slave_0 added [ 36.148231][ T5929] team0: Port device team_slave_1 added [ 36.168848][ T5928] team0: Port device team_slave_1 added [ 36.180257][ T5936] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 36.205959][ T5936] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.210701][ T5940] team0: Port device team_slave_0 added [ 36.220433][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.222263][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.229614][ T5929] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.242175][ T5940] team0: Port device team_slave_1 added [ 36.244390][ T5928] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.247374][ T5928] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.254259][ T5928] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.258667][ T5929] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.260540][ T5929] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.267317][ T5929] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.295739][ T5928] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.298250][ T5928] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.305832][ T5928] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.315554][ T5936] team0: Port device team_slave_0 added [ 36.317792][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.320367][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.328424][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.332267][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.334433][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.341220][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.353074][ T5936] team0: Port device team_slave_1 added [ 36.393207][ T5929] hsr_slave_0: entered promiscuous mode [ 36.395842][ T5929] hsr_slave_1: entered promiscuous mode [ 36.400447][ T5928] hsr_slave_0: entered promiscuous mode [ 36.402316][ T5928] hsr_slave_1: entered promiscuous mode [ 36.404127][ T5928] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.407089][ T5928] Cannot create hsr debugfs directory [ 36.418152][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.420046][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.427968][ T5936] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.440513][ T5936] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.442444][ T5936] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.449837][ T5936] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 36.491452][ T5940] hsr_slave_0: entered promiscuous mode [ 36.493578][ T5940] hsr_slave_1: entered promiscuous mode [ 36.495485][ T5940] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.497968][ T5940] Cannot create hsr debugfs directory [ 36.545334][ T5936] hsr_slave_0: entered promiscuous mode [ 36.547664][ T5936] hsr_slave_1: entered promiscuous mode [ 36.549472][ T5936] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 36.551448][ T5936] Cannot create hsr debugfs directory [ 36.731294][ T5929] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 36.737394][ T5929] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 36.742359][ T5929] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 36.750209][ T5929] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 36.769398][ T5928] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 36.773880][ T5928] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 36.778052][ T5928] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 36.781707][ T5928] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 36.803868][ T5940] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 36.808381][ T5940] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 36.812714][ T5940] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 36.823517][ T5940] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 36.842251][ T5936] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 36.858187][ T5936] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 36.861995][ T5936] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 36.878379][ T5936] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 36.895470][ T5929] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.901912][ T5928] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.913685][ T5929] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.925679][ T5928] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.929890][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.931903][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.943096][ T1130] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.945237][ T1130] bridge0: port 1(bridge_slave_0) entered forwarding state [ 36.948529][ T1130] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.950444][ T1130] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.954982][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.956951][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 36.968699][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 36.984876][ T5940] 8021q: adding VLAN 0 to HW filter on device team0 [ 36.992848][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.995064][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.006964][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.008876][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.060027][ T5936] 8021q: adding VLAN 0 to HW filter on device bond0 [ 37.072667][ T5936] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.084224][ T1130] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.086156][ T1130] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.094868][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.096801][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.130901][ T5929] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.149699][ T5928] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.165475][ T5929] veth0_vlan: entered promiscuous mode [ 37.173624][ T5929] veth1_vlan: entered promiscuous mode [ 37.179479][ T5928] veth0_vlan: entered promiscuous mode [ 37.184791][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.191518][ T5928] veth1_vlan: entered promiscuous mode [ 37.210470][ T5929] veth0_macvtap: entered promiscuous mode [ 37.214103][ T5936] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.227577][ T5929] veth1_macvtap: entered promiscuous mode [ 37.234808][ T5928] veth0_macvtap: entered promiscuous mode [ 37.239720][ T5928] veth1_macvtap: entered promiscuous mode [ 37.242108][ T5940] veth0_vlan: entered promiscuous mode [ 37.246906][ T5929] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.255253][ T5928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.258435][ T5928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.261554][ T5928] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.265995][ T5940] veth1_vlan: entered promiscuous mode [ 37.269215][ T5929] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.272114][ T5928] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.274958][ T5928] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.278216][ T5928] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.283303][ T5928] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.285717][ T5928] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.288728][ T5928] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.291193][ T5928] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.295590][ T5929] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.298520][ T5929] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.300806][ T5929] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.303114][ T5929] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.318707][ T5936] veth0_vlan: entered promiscuous mode [ 37.325222][ T5940] veth0_macvtap: entered promiscuous mode [ 37.335453][ T5940] veth1_macvtap: entered promiscuous mode [ 37.345400][ T5936] veth1_vlan: entered promiscuous mode [ 37.363142][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.366019][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.369165][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.371914][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.375204][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.392600][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.396213][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.400160][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.403702][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.407872][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.412880][ T5940] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.415878][ T5940] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.418900][ T5940] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.421805][ T5940] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.428934][ T1176] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.431111][ T1176] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.435037][ T5936] veth0_macvtap: entered promiscuous mode [ 37.439705][ T5936] veth1_macvtap: entered promiscuous mode [ 37.450746][ T1176] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.453951][ T1176] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.456984][ T1176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.459218][ T1176] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.459576][ T5936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.465170][ T5936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.467946][ T5936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.470768][ T5936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.473315][ T5936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 37.476122][ T5936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.480106][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 37.490606][ T5936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.493465][ T5936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.496362][ T5936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.499445][ T5936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.502990][ T5936] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 37.507120][ T5936] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 37.510432][ T5936] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 37.518748][ T1130] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.518917][ T5936] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.520868][ T1130] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.523170][ T5936] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.528071][ T5938] Bluetooth: hci3: command tx timeout [ 37.528289][ T5938] Bluetooth: hci2: command tx timeout [ 37.529631][ T65] Bluetooth: hci1: command tx timeout [ 37.529651][ T5936] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.530002][ T5935] Bluetooth: hci0: command tx timeout [ 37.532726][ T5928] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 37.532781][ T5936] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 37.552383][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.555369][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.580138][ T1176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.582493][ T1176] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.606449][ T81] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.608566][ T81] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.633092][ T1176] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 37.635240][ T1176] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 37.638202][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 37.640683][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 37.666802][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 37.677214][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 37.895502][ T5997] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'. [ 38.085982][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 38.188412][ T0] NOHZ tick-stop error: local softirq work is pending, handler #140!!! [ 38.287359][ T6036] geneve2: entered promiscuous mode [ 38.327344][ T6043] netlink: 12 bytes leftover after parsing attributes in process `syz.2.7'. [ 38.330817][ T6043] netlink: 'syz.2.7': attribute type 1 has an invalid length. [ 38.332827][ T6043] netlink: 224 bytes leftover after parsing attributes in process `syz.2.7'. [ 38.334346][ T6038] syz.1.8 uses obsolete (PF_INET,SOCK_PACKET) [ 38.473282][ T6036] Zero length message leads to an empty skb [ 38.596754][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 38.599278][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 38.636477][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 38.992980][ T6078] random: crng reseeded on system resumption [ 39.306450][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 39.611235][ T5938] Bluetooth: hci0: command tx timeout [ 39.617540][ T5938] Bluetooth: hci2: command tx timeout [ 39.617591][ T5942] Bluetooth: hci1: command tx timeout [ 39.617694][ T5935] Bluetooth: hci3: command tx timeout [ 39.934447][ T6119] binder: 6100:6119 ioctl c0306201 0 returned -14 [ 40.977188][ T5992] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 41.166335][ T5992] usb 6-1: Using ep0 maxpacket: 8 [ 41.172461][ T5992] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 41.175367][ T5992] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 41.177979][ T5992] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 41.181985][ T5992] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 41.185930][ T5992] usb 6-1: config 0 descriptor?? [ 41.611697][ T5992] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 41.686381][ T5942] Bluetooth: hci3: command tx timeout [ 41.696450][ T5942] Bluetooth: hci2: command tx timeout [ 41.696544][ T5935] Bluetooth: hci1: command tx timeout [ 41.699430][ T5938] Bluetooth: hci0: command tx timeout [ 41.820396][ T62] usb 6-1: USB disconnect, device number 2 [ 41.827673][ T6176] warning: `syz.2.27' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 42.588839][ T6191] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 42.592706][ T6191] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 42.597563][ T6191] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 42.599883][ T6191] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 42.602493][ T6191] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 42.604875][ T6191] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 42.612677][ T6191] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 42.615682][ T6191] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 42.618871][ T6191] geneve2: entered promiscuous mode [ 42.620591][ T6191] geneve2: entered allmulticast mode [ 42.781887][ T5938] Bluetooth: hci3: unexpected subevent 0x01 length: 12 < 18 [ 43.264871][ T6214] evm: overlay not supported [ 43.271845][ T6214] overlay: filesystem on ./bus not supported as upperdir [ 43.586088][ T6224] capability: warning: `syz.2.43' uses deprecated v2 capabilities in a way that may be insecure [ 43.666432][ T62] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 43.766496][ T5938] Bluetooth: hci2: command tx timeout [ 43.766507][ T5935] Bluetooth: hci3: command tx timeout [ 43.776959][ T5935] Bluetooth: hci0: command tx timeout [ 43.776995][ T5938] Bluetooth: hci1: command tx timeout [ 43.781889][ T6237] netlink: 187320 bytes leftover after parsing attributes in process `syz.3.48'. [ 43.785201][ T6237] netlink: zone id is out of range [ 43.789604][ T6237] netlink: zone id is out of range [ 43.791825][ T6237] netlink: zone id is out of range [ 43.793416][ T6237] netlink: zone id is out of range [ 43.836486][ T62] usb 6-1: Using ep0 maxpacket: 32 [ 43.841485][ T62] usb 6-1: New USB device found, idVendor=174f, idProduct=6a31, bcdDevice=26.3f [ 43.844535][ T62] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 43.847454][ T62] usb 6-1: Product: syz [ 43.848885][ T62] usb 6-1: Manufacturer: syz [ 43.850432][ T62] usb 6-1: SerialNumber: syz [ 43.856942][ T62] gspca_main: stk1135-2.14.0 probing 174f:6a31 [ 44.188582][ T6250] netlink: 44 bytes leftover after parsing attributes in process `syz.0.52'. [ 44.397928][ T62] gspca_stk1135: reg_w 0x0 err -71 [ 44.401016][ T62] gspca_stk1135: serial bus timeout: status=0x00 [ 44.402819][ T62] gspca_stk1135: Sensor write failed [ 44.404313][ T62] gspca_stk1135: serial bus timeout: status=0x00 [ 44.406041][ T62] gspca_stk1135: Sensor write failed [ 44.407814][ T62] gspca_stk1135: serial bus timeout: status=0x00 [ 44.409764][ T62] gspca_stk1135: Sensor read failed [ 44.411223][ T62] gspca_stk1135: serial bus timeout: status=0x00 [ 44.413013][ T62] gspca_stk1135: Sensor read failed [ 44.414474][ T62] gspca_stk1135: Detected sensor type unknown (0x0) [ 44.416385][ T62] gspca_stk1135: serial bus timeout: status=0x00 [ 44.418111][ T62] gspca_stk1135: Sensor read failed [ 44.419588][ T62] gspca_stk1135: serial bus timeout: status=0x00 [ 44.421561][ T62] gspca_stk1135: Sensor read failed [ 44.423106][ T62] gspca_stk1135: serial bus timeout: status=0x00 [ 44.424856][ T62] gspca_stk1135: Sensor write failed [ 44.426497][ T62] gspca_stk1135: serial bus timeout: status=0x00 [ 44.428218][ T62] gspca_stk1135: Sensor write failed [ 44.429678][ T62] stk1135 6-1:64.0: probe with driver stk1135 failed with error -71 [ 44.432711][ T62] usb 6-1: USB disconnect, device number 3 [ 44.874547][ T6258] kvm: vcpu 0: requested lapic timer restore with starting count register 0x390=1812281087 (231971979136 ns) > initial count (128 ns). Using initial count to start timer. [ 44.960490][ T6250] Set syz1 is full, maxelem 65536 reached [ 45.211781][ T6277] can0: slcan on ttyS3. [ 45.228174][ T6279] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 45.239771][ T6279] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 45.250749][ T6279] vlan2: entered promiscuous mode [ 45.253162][ T6279] bond0: entered promiscuous mode [ 45.255724][ T6279] bond_slave_0: entered promiscuous mode [ 45.258767][ T6279] bond_slave_1: entered promiscuous mode [ 45.265823][ T6279] bond0: left promiscuous mode [ 45.268216][ T6279] bond_slave_0: left promiscuous mode [ 45.269664][ T6279] bond_slave_1: left promiscuous mode [ 45.277335][ T6277] can0 (unregistered): slcan off ttyS3. [ 45.828176][ T6289] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 45.830961][ T6289] IPv6: NLM_F_CREATE should be set when creating new route [ 45.834998][ T6289] netlink: 'syz.3.64': attribute type 27 has an invalid length. [ 45.876138][ T6289] bridge0: port 2(bridge_slave_1) entered disabled state [ 45.879370][ T6289] bridge0: port 1(bridge_slave_0) entered disabled state [ 45.925015][ T6289] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 45.932230][ T6289] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 45.985557][ T6289] netdevsim netdevsim3 netdevsim0: unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.988779][ T6289] netdevsim netdevsim3 netdevsim1: unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.990972][ T6289] netdevsim netdevsim3 netdevsim2: unset [1, 0] type 2 family 0 port 6081 - 0 [ 45.993572][ T6289] netdevsim netdevsim3 netdevsim3: unset [1, 0] type 2 family 0 port 6081 - 0 [ 46.335723][ T6307] random: crng reseeded on system resumption [ 46.491152][ T6320] overlayfs: failed to get inode (-116) [ 46.493574][ T6320] overlayfs: failed to get inode (-116) [ 46.495336][ T6320] overlayfs: failed to get inode (-116) [ 46.498066][ T6320] overlayfs: failed to get inode (-116) [ 47.573628][ T6377] netlink: 24 bytes leftover after parsing attributes in process `syz.1.86'. [ 49.070942][ T6418] netdevsim netdevsim0 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.146728][ T6418] netdevsim netdevsim0 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.215639][ T6418] netdevsim netdevsim0 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.288364][ T6418] netdevsim netdevsim0 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 49.372007][ T6418] netdevsim netdevsim0 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.378888][ T6418] netdevsim netdevsim0 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.384619][ T6418] netdevsim netdevsim0 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.390768][ T6418] netdevsim netdevsim0 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 50.056357][ T5992] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 50.217953][ T5992] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 50.220264][ T5992] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 50.225578][ T5992] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 50.228542][ T5992] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 50.231369][ T5992] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 50.236874][ T5992] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 50.239301][ T5992] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 50.241509][ T5992] usb 5-1: Product: syz [ 50.242706][ T5992] usb 5-1: Manufacturer: syz [ 50.251531][ T5992] cdc_wdm 5-1:1.0: skipping garbage [ 50.253091][ T5992] cdc_wdm 5-1:1.0: skipping garbage [ 50.255862][ T5992] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 50.257910][ T5992] cdc_wdm 5-1:1.0: Unknown control protocol [ 50.459723][ T35] usb 5-1: USB disconnect, device number 2 [ 51.023832][ T6487] netlink: 64 bytes leftover after parsing attributes in process `syz.2.120'. [ 51.027923][ T6487] openvswitch: netlink: Missing key (keys=40, expected=200000) [ 51.096341][ T5992] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 51.247738][ T5992] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 51.250090][ T5992] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 51.252870][ T5992] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 51.255303][ T5992] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 55, changing to 9 [ 51.258369][ T5992] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8496, setting to 1024 [ 51.264353][ T5992] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 51.267547][ T5992] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 51.269735][ T5992] usb 5-1: Product: syz [ 51.271016][ T5992] usb 5-1: Manufacturer: syz [ 51.275756][ T5992] cdc_wdm 5-1:1.0: skipping garbage [ 51.277553][ T5992] cdc_wdm 5-1:1.0: skipping garbage [ 51.279626][ T5992] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 51.281253][ T5992] cdc_wdm 5-1:1.0: Unknown control protocol [ 51.805156][ T39] audit: type=1326 audit(1734833569.268:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6501 comm="syz.1.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000 [ 51.811259][ T39] audit: type=1326 audit(1734833569.268:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6501 comm="syz.1.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000 [ 51.816980][ T39] audit: type=1326 audit(1734833569.268:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6501 comm="syz.1.123" exe="/syz-executor" sig=0 arch=40000003 syscall=151 compat=1 ip=0xf7f00579 code=0x7ffc0000 [ 51.822615][ T39] audit: type=1326 audit(1734833569.268:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6501 comm="syz.1.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000 [ 51.828250][ T39] audit: type=1326 audit(1734833569.268:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6501 comm="syz.1.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000 [ 51.833718][ T39] audit: type=1326 audit(1734833569.268:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6501 comm="syz.1.123" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf7f00579 code=0x7ffc0000 [ 51.839374][ T39] audit: type=1326 audit(1734833569.278:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6501 comm="syz.1.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000 [ 51.844947][ T39] audit: type=1326 audit(1734833569.278:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6501 comm="syz.1.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000 [ 51.850514][ T39] audit: type=1326 audit(1734833569.278:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6501 comm="syz.1.123" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf7f00579 code=0x7ffc0000 [ 51.856001][ T39] audit: type=1326 audit(1734833569.278:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6501 comm="syz.1.123" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f00579 code=0x7ffc0000 [ 52.089417][ T6506] netlink: 76 bytes leftover after parsing attributes in process `syz.1.124'. [ 52.193328][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.195109][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.197408][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.199972][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.202030][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.203870][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.206052][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.207952][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.210110][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.211935][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.213872][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.215569][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.217505][ C2] cdc_wdm 5-1:1.0: nonzero urb status received: -EPIPE [ 52.221123][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.222981][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.224686][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.226546][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.228276][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.229780][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.233046][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.235251][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.237251][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.239378][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.241481][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.243624][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.245595][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.247783][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.249944][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.251934][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.254186][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.256340][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.258821][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.260993][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.263093][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.265094][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.267203][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.269324][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.271209][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.273442][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.275505][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.277742][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.279932][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.281990][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.284203][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.286168][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.292136][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.297202][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.299588][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.301503][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.303382][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.305516][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.307559][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.309804][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.312777][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.312823][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.313003][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.313035][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.313212][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.313245][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.313422][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.313453][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.313657][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.314070][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.314299][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.314324][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.314527][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.314563][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.314745][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.314780][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.314959][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.314992][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.315191][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.315218][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.315450][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.315478][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.315688][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.315713][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.315932][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.315958][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.316179][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.316203][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.316397][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.316609][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.316819][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.317023][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.317219][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.317414][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.317619][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.317825][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.318042][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.318076][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.318299][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.318328][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.318550][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.318578][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.318795][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.318822][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.319025][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.319060][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.319273][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.319298][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.319513][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.319743][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.400060][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.401863][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.403508][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.404975][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.406721][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.408365][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.409848][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.411490][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.413017][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.414607][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.416106][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.417801][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.419439][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.420921][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.422553][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.424126][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.425554][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.427166][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.428645][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.430246][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.431721][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.433346][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.434844][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.436469][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.438086][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.439576][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.441196][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.442793][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.444549][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.446069][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.447701][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.449197][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.450844][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.452334][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.453979][ C2] cdc_wdm 5-1:1.0: Stall on int endpoint [ 52.455489][ C2] cdc_wdm 5-1:1.0: Cannot schedule work [ 52.456964][ C2] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -1 [ 52.460931][ T5992] usb 5-1: USB disconnect, device number 3 [ 53.933069][ T6546] netlink: 8 bytes leftover after parsing attributes in process `syz.1.133'. [ 53.936496][ T6546] netlink: 4 bytes leftover after parsing attributes in process `syz.1.133'. [ 53.940456][ T6546] netlink: 'syz.1.133': attribute type 1 has an invalid length. [ 53.943274][ T6546] nbd: error processing sock list [ 54.665521][ T6564] random: crng reseeded on system resumption [ 55.044697][ T5938] Bluetooth: hci3: unexpected event 0x03 length: 1 < 11 [ 55.197435][ T5938] Bluetooth: hci2: unexpected subevent 0x0e length: 30 > 15 [ 55.200992][ T5938] Bluetooth: hci2: Unable to find connection for dst 00:00:00:68:63:74 sid 0x77 [ 55.810501][ T6598] syzkaller0: entered promiscuous mode [ 55.812519][ T6598] syzkaller0: entered allmulticast mode [ 55.918242][ T6587] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 57.116658][ T39] kauditd_printk_skb: 17 callbacks suppressed [ 57.116669][ T39] audit: type=1326 audit(1734833574.578:29): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz.0.154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x7ffc0000 [ 57.123874][ T39] audit: type=1326 audit(1734833574.588:30): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6624 comm="syz.0.154" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f47579 code=0x7ffc0000 [ 57.646354][ T35] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 57.796378][ T35] usb 6-1: Using ep0 maxpacket: 16 [ 57.798973][ T35] usb 6-1: config 1 interface 0 altsetting 235 endpoint 0x81 has an invalid bInterval 167, changing to 11 [ 57.801783][ T35] usb 6-1: config 1 interface 0 altsetting 235 bulk endpoint 0x82 has invalid maxpacket 1023 [ 57.804288][ T35] usb 6-1: config 1 interface 0 altsetting 235 bulk endpoint 0x3 has invalid maxpacket 255 [ 57.806889][ T35] usb 6-1: config 1 interface 0 has no altsetting 0 [ 57.811256][ T35] usb 6-1: New USB device found, idVendor=0525, idProduct=0800, bcdDevice= 0.00 [ 57.813571][ T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 57.815541][ T35] usb 6-1: Product: syz [ 57.816712][ T35] usb 6-1: Manufacturer: syz [ 57.817891][ T35] usb 6-1: SerialNumber: syz [ 57.826203][ T6629] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 57.828938][ T6629] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 58.039890][ T6629] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 58.043560][ T6629] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 58.048186][ T35] cdc_ether 6-1:1.0: probe with driver cdc_ether failed with error -71 [ 58.054572][ T35] usb 6-1: USB disconnect, device number 4 [ 58.139380][ T5885] IPVS: starting estimator thread 0... [ 58.237737][ T6636] IPVS: using max 41 ests per chain, 98400 per kthread [ 58.286801][ T6644] netlink: 8 bytes leftover after parsing attributes in process `syz.3.160'. [ 58.289875][ T6644] netlink: 8 bytes leftover after parsing attributes in process `syz.3.160'. [ 58.826342][ T9] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 58.998040][ T9] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 59.001880][ T9] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0xB has an invalid bInterval 109, changing to 10 [ 59.005822][ T9] usb 6-1: config 27 interface 0 altsetting 0 endpoint 0xB has invalid maxpacket 42584, setting to 1024 [ 59.010641][ T9] usb 6-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 59.013928][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 59.019607][ T6646] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 59.026500][ T9] usb 6-1: Quirk or no altset; falling back to MIDI 1.0 [ 59.245223][ T6192] usb 6-1: USB disconnect, device number 5 [ 60.302047][ T11] netdevsim netdevsim1 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.367860][ T11] netdevsim netdevsim1 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.452252][ T11] netdevsim netdevsim1 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.463177][ T5935] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 60.467570][ T5935] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 60.475247][ T5935] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 60.482402][ T5935] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 60.485266][ T5935] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 60.490709][ T5935] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 60.517598][ T11] netdevsim netdevsim1 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.638239][ T11] bridge_slave_1: left allmulticast mode [ 60.640682][ T11] bridge_slave_1: left promiscuous mode [ 60.642998][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 60.653095][ T11] bridge_slave_0: left allmulticast mode [ 60.655246][ T11] bridge_slave_0: left promiscuous mode [ 60.658329][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 60.981480][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 60.989170][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 60.993082][ T11] bond0 (unregistering): Released all slaves [ 61.002608][ T6672] chnl_net:caif_netlink_parms(): no params data found [ 61.120835][ T6672] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.123309][ T6672] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.127790][ T6672] bridge_slave_0: entered allmulticast mode [ 61.130253][ T6672] bridge_slave_0: entered promiscuous mode [ 61.176584][ T6672] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.178584][ T6672] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.180507][ T6672] bridge_slave_1: entered allmulticast mode [ 61.182597][ T6672] bridge_slave_1: entered promiscuous mode [ 61.204694][ T6672] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.209782][ T6672] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.237090][ T6672] team0: Port device team_slave_0 added [ 61.240549][ T6672] team0: Port device team_slave_1 added [ 61.291113][ T6672] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.293147][ T6672] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.301086][ T6672] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.304820][ T6672] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.311070][ T6672] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.318710][ T6672] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.351974][ T11] hsr_slave_0: left promiscuous mode [ 61.355276][ T11] hsr_slave_1: left promiscuous mode [ 61.362138][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 61.364883][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 61.372083][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 61.374675][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 61.395415][ T11] veth1_macvtap: left promiscuous mode [ 61.397412][ T11] veth0_macvtap: left promiscuous mode [ 61.398945][ T11] veth1_vlan: left promiscuous mode [ 61.400448][ T11] veth0_vlan: left promiscuous mode [ 62.162123][ T11] team0 (unregistering): Port device team_slave_1 removed [ 62.241696][ T11] team0 (unregistering): Port device team_slave_0 removed [ 62.567712][ T5938] Bluetooth: hci0: command tx timeout [ 62.796931][ T6672] hsr_slave_0: entered promiscuous mode [ 62.798877][ T6672] hsr_slave_1: entered promiscuous mode [ 62.800788][ T6672] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 62.802833][ T6672] Cannot create hsr debugfs directory [ 62.928792][ T6672] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 62.934579][ T6672] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 62.938621][ T6672] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 62.950786][ T6672] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 62.985696][ T6672] 8021q: adding VLAN 0 to HW filter on device bond0 [ 62.993619][ T6672] 8021q: adding VLAN 0 to HW filter on device team0 [ 63.001893][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 63.003816][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 63.014570][ T81] bridge0: port 2(bridge_slave_1) entered blocking state [ 63.016679][ T81] bridge0: port 2(bridge_slave_1) entered forwarding state [ 63.101720][ T6672] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 63.281427][ T6746] fuse: Bad value for 'fd' [ 63.316111][ T6672] veth0_vlan: entered promiscuous mode [ 63.320918][ T6672] veth1_vlan: entered promiscuous mode [ 63.344904][ T6672] veth0_macvtap: entered promiscuous mode [ 63.352402][ T6672] veth1_macvtap: entered promiscuous mode [ 63.360258][ T6672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.363011][ T6672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.366192][ T6672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 63.369639][ T6672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.372741][ T6672] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 63.394948][ T6672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.399898][ T6672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.402593][ T6672] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 63.405602][ T6672] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 63.409483][ T6672] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 63.412612][ T6672] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.415415][ T6672] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.422128][ T6672] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.424754][ T6672] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 63.506427][ T1130] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.508467][ T1130] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.524758][ T1130] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 63.526989][ T1130] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 63.841357][ T5885] usb 9-1: new high-speed USB device number 2 using dummy_hcd [ 64.019890][ T5885] usb 9-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 64.022296][ T5885] usb 9-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 64.024340][ T5885] usb 9-1: Product: syz [ 64.027221][ T5885] usb 9-1: Manufacturer: syz [ 64.029531][ T5885] usb 9-1: SerialNumber: syz [ 64.033141][ T5885] usb 9-1: config 0 descriptor?? [ 64.261049][ T6762] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370 [ 64.265379][ T5885] cx82310_eth 9-1:0.0: probe with driver cx82310_eth failed with error -22 [ 64.270796][ T5885] cxacru 9-1:0.0: usbatm_usb_probe: bind failed: -19! [ 64.275960][ T5885] usb 9-1: USB disconnect, device number 2 [ 64.640484][ T6801] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 64.646391][ T5938] Bluetooth: hci0: command tx timeout [ 64.651001][ T6801] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 64.774797][ T6803] random: crng reseeded on system resumption [ 65.937802][ T5885] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 66.100917][ T5885] usb 8-1: Using ep0 maxpacket: 8 [ 66.109322][ T5885] usb 8-1: config 1 has an invalid descriptor of length 106, skipping remainder of the config [ 66.112400][ T5885] usb 8-1: config 1 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 0 [ 66.123693][ T5885] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.57 [ 66.127312][ T5885] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 66.130230][ T5885] usb 8-1: SerialNumber: syz [ 66.133835][ T6837] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 66.139576][ T5885] cdc_ether 8-1:1.0: skipping garbage [ 66.141367][ T5885] usb 8-1: bad CDC descriptors [ 66.348939][ T5885] usb 8-1: USB disconnect, device number 2 [ 66.498308][ T6862] geneve2: entered promiscuous mode [ 66.544818][ T6863] netlink: 12 bytes leftover after parsing attributes in process `syz.4.190'. [ 66.555237][ T6863] netlink: 'syz.4.190': attribute type 1 has an invalid length. [ 66.557699][ T6863] netlink: 224 bytes leftover after parsing attributes in process `syz.4.190'. [ 66.737060][ T5938] Bluetooth: hci0: command tx timeout [ 66.821594][ T6870] mmap: syz.4.191 (6870) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 67.636357][ T5885] usb 5-1: new high-speed USB device number 4 using dummy_hcd [ 67.789027][ T5885] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 67.794331][ T5885] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 67.796666][ T5885] usb 5-1: Product: syz [ 67.797808][ T5885] usb 5-1: Manufacturer: syz [ 67.802051][ T5885] usb 5-1: SerialNumber: syz [ 67.815576][ T5885] usb 5-1: config 0 descriptor?? [ 68.028029][ T6876] 9pnet: p9_errstr2errno: server reported unknown error 1844674407370 [ 68.031724][ T5885] cx82310_eth 5-1:0.0: probe with driver cx82310_eth failed with error -22 [ 68.036311][ T5885] cxacru 5-1:0.0: usbatm_usb_probe: bind failed: -19! [ 68.040134][ T5885] usb 5-1: USB disconnect, device number 4 [ 68.387476][ T35] IPVS: starting estimator thread 0... [ 68.486740][ T6890] IPVS: using max 40 ests per chain, 96000 per kthread [ 68.816440][ T5938] Bluetooth: hci0: command tx timeout [ 70.399086][ T6925] random: crng reseeded on system resumption [ 70.740666][ T1411] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.742563][ T1411] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.786967][ T5938] Bluetooth: hci3: unexpected subevent 0x0e length: 30 > 15 [ 70.789544][ T5938] Bluetooth: hci3: Unable to find connection for dst 00:00:00:68:63:74 sid 0x77 [ 71.152783][ T6978] pim6reg: entered allmulticast mode [ 71.159010][ T6978] pim6reg: left allmulticast mode [ 71.467807][ T6955] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 74.069061][ T7027] random: crng reseeded on system resumption [ 74.767334][ T7089] tipc: Started in network mode [ 74.768680][ T7089] tipc: Node identity 4, cluster identity 4711 [ 74.770424][ T7089] tipc: Node number set to 4 [ 74.784002][ T5935] Bluetooth: hci1: unexpected subevent 0x0e length: 30 > 15 [ 74.785992][ T5935] Bluetooth: hci1: Unable to find connection for dst 00:00:00:68:63:74 sid 0x77 [ 74.972803][ T7098] vcan0: Master is either lo or non-ether device [ 75.148747][ T39] audit: type=1804 audit(1734833592.618:31): pid=7108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.231" name="/newroot/65/file1" dev="fuse" ino=1 res=1 errno=0 [ 75.161726][ T39] audit: type=1804 audit(1734833592.618:32): pid=7108 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.231" name="/newroot/65/file1" dev="fuse" ino=1 res=1 errno=0 [ 75.561252][ T7086] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 75.852448][ T25] cfg80211: failed to load regulatory.db [ 76.398309][ T7150] random: crng reseeded on system resumption [ 79.995208][ T7261] netlink: 4 bytes leftover after parsing attributes in process `syz.4.250'. [ 80.340986][ T7268] 9pnet: bogus RWRITE count (512 > 41) [ 80.446066][ T7269] wireguard0: entered promiscuous mode [ 80.598617][ T7263] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 80.601075][ T7263] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 80.623221][ T7263] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 80.637429][ T7263] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 80.643040][ T7263] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 80.654577][ T7263] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 80.660891][ T7263] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 80.663334][ T7263] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 80.668108][ T7263] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 82.646691][ T5938] Bluetooth: hci2: command 0x0c1a tx timeout [ 82.646775][ T5935] Bluetooth: hci1: command 0x0c1a tx timeout [ 82.737342][ T5935] Bluetooth: hci3: command 0x0c1a tx timeout [ 83.746075][ T7335] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 83.748614][ T7335] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 83.750303][ T7335] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 84.115323][ T7345] wireguard0: entered promiscuous mode [ 84.594567][ T7352] netlink: 76 bytes leftover after parsing attributes in process `syz.3.270'. [ 85.766385][ T5935] Bluetooth: hci3: command 0x0c1a tx timeout [ 85.766478][ T5942] Bluetooth: hci1: command 0x0c1a tx timeout [ 85.770390][ T5938] Bluetooth: hci2: command 0x0c1a tx timeout [ 86.626425][ T7384] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 86.628909][ T7384] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 86.630747][ T7384] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 86.714135][ T7390] random: crng reseeded on system resumption [ 88.646477][ T5938] Bluetooth: hci1: command 0x0c1a tx timeout [ 88.656377][ T5938] Bluetooth: hci3: command 0x0c1a tx timeout [ 88.656450][ T5942] Bluetooth: hci2: command 0x0c1a tx timeout [ 88.677492][ T7433] netlink: zone id is out of range [ 88.984817][ T7435] binder_alloc: 7434: binder_alloc_buf, no vma [ 90.000579][ T39] audit: type=1326 audit(1734833607.468:33): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7473 comm="syz.0.299" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f47579 code=0x0 [ 90.489659][ T7495] trusted_key: syz.2.302 sent an empty control message without MSG_MORE. [ 90.790821][ T7504] netlink: 8 bytes leftover after parsing attributes in process `syz.2.304'. [ 90.794086][ T7504] netlink: 4 bytes leftover after parsing attributes in process `syz.2.304'. [ 90.807247][ T7504] netlink: 4 bytes leftover after parsing attributes in process `syz.2.304'. [ 90.880262][ T7504] bond0: (slave bond_slave_0): Releasing backup interface [ 92.297522][ T7542] netlink: zone id is out of range [ 94.799838][ T7595] netlink: 32 bytes leftover after parsing attributes in process `syz.2.332'. [ 94.969227][ T35] usb 5-1: new high-speed USB device number 5 using dummy_hcd [ 95.118783][ T35] usb 5-1: config 27 interface 0 altsetting 0 endpoint 0x8B has an invalid bInterval 0, changing to 7 [ 95.122873][ T35] usb 5-1: config 27 interface 0 altsetting 0 bulk endpoint 0xB has invalid maxpacket 47 [ 95.127975][ T35] usb 5-1: New USB device found, idVendor=0582, idProduct=0014, bcdDevice=bb.9d [ 95.131263][ T35] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 95.137750][ T7586] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 95.156885][ T35] usb 5-1: Quirk or no altset; falling back to MIDI 1.0 [ 95.413391][ T7623] netlink: 72 bytes leftover after parsing attributes in process `syz.0.331'. [ 95.421334][ T5992] usb 5-1: USB disconnect, device number 5 [ 95.591785][ T7589] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 95.596517][ T7589] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 95.606040][ T7589] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 95.610871][ T7589] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 95.615263][ T7589] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 95.626373][ T7589] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 95.850052][ T7638] netlink: 76 bytes leftover after parsing attributes in process `syz.4.324'. [ 98.696007][ T7703] netlink: 32 bytes leftover after parsing attributes in process `syz.3.348'. [ 101.960040][ T7754] netlink: 32 bytes leftover after parsing attributes in process `syz.4.352'. [ 104.234126][ T7832] netlink: 32 bytes leftover after parsing attributes in process `syz.0.366'. [ 104.473160][ T7844] wireguard0: entered promiscuous mode [ 106.733415][ T7892] netlink: 4 bytes leftover after parsing attributes in process `syz.2.381'. [ 109.358477][ T39] audit: type=1800 audit(1734833626.818:34): pid=7947 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.392" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 110.092260][ T7958] vivid-000: disconnect [ 110.100000][ T7956] vivid-000: reconnect [ 111.313727][ T7980] netlink: 4 bytes leftover after parsing attributes in process `syz.4.401'. [ 112.585639][ T7997] kvm: pic: level sensitive irq not supported [ 112.586705][ T7997] kvm: pic: single mode not supported [ 112.589097][ T7997] kvm: pic: single mode not supported [ 112.590828][ T7997] kvm: pic: single mode not supported [ 112.593079][ T7997] kvm: pic: single mode not supported [ 112.594895][ T7997] kvm: pic: single mode not supported [ 112.596833][ T7997] kvm: pic: single mode not supported [ 112.598690][ T7997] kvm: pic: single mode not supported [ 112.601064][ T7997] kvm: pic: single mode not supported [ 112.602881][ T7997] kvm: pic: single mode not supported [ 112.604557][ T7997] kvm: pic: single mode not supported [ 113.062262][ T8008] netlink: 216 bytes leftover after parsing attributes in process `syz.4.409'. [ 113.066803][ T8008] netlink: 24 bytes leftover after parsing attributes in process `syz.4.409'. [ 113.069248][ T8008] netlink: 16 bytes leftover after parsing attributes in process `syz.4.409'. [ 114.789808][ T39] audit: type=1800 audit(1734833632.248:35): pid=8042 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.4.416" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 115.158418][ T8049] netlink: 4 bytes leftover after parsing attributes in process `syz.3.418'. [ 115.972730][ T8070] overlay: Unknown parameter 'fsmagic' [ 116.082562][ T8064] ceph: No mds server is up or the cluster is laggy [ 118.873796][ T6759] libceph: connect (1)[c::]:6789 error -101 [ 118.877826][ T6759] libceph: mon0 (1)[c::]:6789 connect error [ 118.884554][ T6759] libceph: connect (1)[c::]:6789 error -101 [ 118.886569][ T6759] libceph: mon0 (1)[c::]:6789 connect error [ 119.148676][ T6759] libceph: connect (1)[c::]:6789 error -101 [ 119.150891][ T6759] libceph: mon0 (1)[c::]:6789 connect error [ 119.460960][ T8125] ceph: No mds server is up or the cluster is laggy [ 120.374960][ T8162] netlink: 'syz.2.445': attribute type 1 has an invalid length. [ 120.397454][ T8162] 8021q: adding VLAN 0 to HW filter on device bond1 [ 120.424064][ T8162] 8021q: adding VLAN 0 to HW filter on device bond1 [ 120.426688][ T8162] bond1: (slave ip6tnl1): The slave device specified does not support setting the MAC address [ 120.429969][ T8162] bond1: (slave ip6tnl1): Error -95 calling set_mac_address [ 121.119629][ T8156] syz.4.440 (8156): drop_caches: 1 [ 122.351943][ T8196] ceph: No mds server is up or the cluster is laggy [ 124.496291][ T30] libceph: connect (1)[c::]:6789 error -101 [ 124.497990][ T30] libceph: mon0 (1)[c::]:6789 connect error [ 124.542824][ T8260] ceph: No mds server is up or the cluster is laggy [ 125.709442][ T8279] syz.3.473 (8279): drop_caches: 1 [ 126.228494][ T39] audit: type=1804 audit(1734833643.698:36): pid=8308 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.4.480" name="/newroot/83/bus/file1" dev="overlay" ino=451 res=1 errno=0 [ 128.588960][ T8347] process 'syz.3.487' launched './file1' with NULL argv: empty string added [ 130.491417][ T8368] kvm: pic: level sensitive irq not supported [ 130.492107][ T8368] pic_ioport_write: 21 callbacks suppressed [ 130.492120][ T8368] kvm: pic: single mode not supported [ 130.497747][ T8368] kvm: pic: single mode not supported [ 130.500001][ T8368] kvm: pic: single mode not supported [ 130.501815][ T8368] kvm: pic: single mode not supported [ 130.503640][ T8368] kvm: pic: single mode not supported [ 130.505403][ T8368] kvm: pic: single mode not supported [ 130.508170][ T8368] kvm: pic: single mode not supported [ 130.511627][ T8368] kvm: pic: single mode not supported [ 130.514072][ T8368] kvm: pic: single mode not supported [ 130.516120][ T8368] kvm: pic: single mode not supported [ 132.167773][ T1411] ieee802154 phy0 wpan0: encryption failed: -22 [ 132.170978][ T1411] ieee802154 phy1 wpan1: encryption failed: -22 [ 133.834660][ T8417] syz.0.511 (8417): drop_caches: 1 [ 134.462630][ T5885] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 134.957800][ T8445] bridge0: port 3(syz_tun) entered blocking state [ 134.959753][ T8445] bridge0: port 3(syz_tun) entered disabled state [ 134.961614][ T8445] syz_tun: entered allmulticast mode [ 134.963899][ T8445] syz_tun: entered promiscuous mode [ 134.965844][ T8445] bridge0: port 3(syz_tun) entered blocking state [ 134.967711][ T8445] bridge0: port 3(syz_tun) entered forwarding state [ 148.266109][ T39] audit: type=1804 audit(1734833665.728:37): pid=8492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.3.521" name="/newroot/133/file0/file0" dev="9p" ino=39190842 res=1 errno=0 [ 148.275145][ T39] audit: type=1800 audit(1734833665.738:38): pid=8492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.521" name="bus" dev="9p" ino=39190845 res=0 errno=0 [ 148.280344][ T8482] netlink: 36 bytes leftover after parsing attributes in process `syz.0.517'. [ 148.282637][ T8482] netlink: 16 bytes leftover after parsing attributes in process `syz.0.517'. [ 148.283996][ T39] audit: type=1800 audit(1734833665.748:39): pid=8492 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.521" name="bus" dev="9p" ino=39190845 res=0 errno=0 [ 148.284961][ T8482] netlink: 36 bytes leftover after parsing attributes in process `syz.0.517'. [ 148.293523][ T8482] netlink: 36 bytes leftover after parsing attributes in process `syz.0.517'. [ 148.660533][ T8508] netlink: 4 bytes leftover after parsing attributes in process `syz.4.526'. [ 149.430417][ T8527] netlink: 12 bytes leftover after parsing attributes in process `syz.0.532'. [ 150.209104][ T8542] netlink: 4 bytes leftover after parsing attributes in process `syz.4.537'. [ 151.020725][ T8562] syz.2.540 (8562): drop_caches: 1 [ 152.104189][ T8587] syz_tun: left allmulticast mode [ 152.105553][ T8587] syz_tun: left promiscuous mode [ 152.107130][ T8587] bridge0: port 3(syz_tun) entered disabled state [ 152.113580][ T8587] bridge_slave_0: left allmulticast mode [ 152.115014][ T8587] bridge_slave_0: left promiscuous mode [ 152.119804][ T8587] bridge0: port 1(bridge_slave_0) entered disabled state [ 152.122932][ T8587] bridge_slave_1: left allmulticast mode [ 152.124385][ T8587] bridge_slave_1: left promiscuous mode [ 152.125873][ T8587] bridge0: port 2(bridge_slave_1) entered disabled state [ 152.132990][ T8587] bond0: (slave bond_slave_1): Releasing backup interface [ 152.146138][ T8587] team0: Port device team_slave_0 removed [ 152.155143][ T8587] team0: Port device team_slave_1 removed [ 152.157491][ T8587] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 152.159495][ T8587] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 152.162603][ T8587] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 152.164592][ T8587] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 152.204701][ T8588] team0: Port device wg2 added [ 152.314829][ T8593] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 152.334704][ T8593] kvm: pic: non byte read [ 152.340436][ T8593] kvm: pic: level sensitive irq not supported [ 152.341072][ T8593] kvm: pic: non byte read [ 152.362126][ T8593] kvm: pic: level sensitive irq not supported [ 152.363702][ T8593] kvm: pic: non byte read [ 152.394512][ T8593] kvm: pic: level sensitive irq not supported [ 152.394882][ T8593] kvm: pic: non byte read [ 153.086138][ T8616] netlink: 'syz.2.556': attribute type 9 has an invalid length. [ 153.088690][ T8616] netlink: 8 bytes leftover after parsing attributes in process `syz.2.556'. [ 154.919897][ T8668] syz.4.566 (8668): drop_caches: 1 [ 154.993340][ T8670] kvm: pic: non byte read [ 154.995723][ T8670] kvm: pic: non byte read [ 154.998028][ T8670] pic_ioport_write: 21 callbacks suppressed [ 154.998036][ T8670] kvm: pic: single mode not supported [ 155.000042][ T8670] kvm: pic: non byte read [ 155.005049][ T8670] kvm: pic: level sensitive irq not supported [ 155.005586][ T8670] kvm: pic: non byte read [ 155.011647][ T8670] kvm: pic: single mode not supported [ 155.011656][ T8670] kvm: pic: level sensitive irq not supported [ 155.013766][ T8670] kvm: pic: non byte read [ 155.017822][ T8670] kvm: pic: non byte read [ 155.020082][ T8670] kvm: pic: level sensitive irq not supported [ 155.022044][ T8670] kvm: pic: level sensitive irq not supported [ 155.025591][ T8670] kvm: pic: level sensitive irq not supported [ 155.035910][ T8670] kvm: pic: level sensitive irq not supported [ 155.052092][ T8670] kvm: pic: level sensitive irq not supported [ 155.441457][ T39] audit: type=1326 audit(1734833672.908:40): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.3.568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 155.448820][ T39] audit: type=1326 audit(1734833672.908:41): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.3.568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 155.454393][ T39] audit: type=1326 audit(1734833672.918:42): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.3.568" exe="/syz-executor" sig=0 arch=40000003 syscall=311 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 155.460493][ T39] audit: type=1326 audit(1734833672.918:43): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.3.568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 155.466042][ T39] audit: type=1326 audit(1734833672.918:44): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.3.568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 155.472179][ T39] audit: type=1326 audit(1734833672.918:45): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.3.568" exe="/syz-executor" sig=0 arch=40000003 syscall=227 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 155.484465][ T39] audit: type=1326 audit(1734833672.918:46): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.3.568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 155.490095][ T39] audit: type=1326 audit(1734833672.918:47): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.3.568" exe="/syz-executor" sig=0 arch=40000003 syscall=15 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 155.495556][ T39] audit: type=1326 audit(1734833672.918:48): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.3.568" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 155.501807][ T39] audit: type=1326 audit(1734833672.918:49): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=8675 comm="syz.3.568" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7fd6579 code=0x7ffc0000 [ 157.091329][ T8711] syz.0.578 (8711): drop_caches: 1 [ 158.346480][ T5885] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 158.424279][ T8765] kernel read not supported for file /rmdFΌμ (pid: 8765 comm: syz.2.592) [ 158.496365][ T5885] usb 8-1: Using ep0 maxpacket: 32 [ 158.500362][ T5885] usb 8-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 1024 [ 158.506714][ T5885] usb 8-1: New USB device found, idVendor=12d8, idProduct=0001, bcdDevice=de.79 [ 158.509906][ T5885] usb 8-1: New USB device strings: Mfr=1, Product=236, SerialNumber=2 [ 158.512700][ T5885] usb 8-1: Product: syz [ 158.514168][ T5885] usb 8-1: Manufacturer: syz [ 158.515777][ T5885] usb 8-1: SerialNumber: syz [ 158.525568][ T5885] usb 8-1: config 0 descriptor?? [ 158.528208][ T8751] raw-gadget.0 gadget.3: fail, usb_ep_enable returned -22 [ 158.801683][ T2286] usb 8-1: USB disconnect, device number 3 [ 160.563512][ T8809] [ 160.564214][ T8809] ============================= [ 160.565506][ T8809] [ BUG: Invalid wait context ] [ 160.566828][ T8809] 6.13.0-rc3-syzkaller-00289-g48f506ad0b68 #0 Not tainted [ 160.569019][ T8809] ----------------------------- [ 160.571665][ T8809] iou-wrk-8802/8809 is trying to lock: [ 160.573240][ T8809] ffff88802517a518 (&sighand->siglock){-.-.}-{3:3}, at: __lock_task_sighand+0xc2/0x340 [ 160.575936][ T8809] other info that might help us debug this: [ 160.577588][ T8809] context-{5:5} [ 160.578624][ T8809] 3 locks held by iou-wrk-8802/8809: SYZFAIL: failed to recv rpc fd=3 want=4 recv=0 n=0 (errno 9: Bad file descriptor) [ 160.580411][ T8809] #0: ffff88802a50f928 (&acct->lock){+.+.}-{2:2}, at: io_worker_handle_work+0x9eb/0x1680 [ 160.583910][ T8809] #1: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run2+0x1c2/0x590 [ 160.586382][ T8809] #2: ffffffff8ddbad40 (rcu_read_lock){....}-{1:3}, at: __lock_task_sighand+0x3f/0x340 [ 160.589038][ T8809] stack backtrace: [ 160.590038][ T8809] CPU: 0 UID: 0 PID: 8809 Comm: iou-wrk-8802 Not tainted 6.13.0-rc3-syzkaller-00289-g48f506ad0b68 #0 [ 160.592936][ T8809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 160.595883][ T8809] Call Trace: [ 160.596920][ T8809] [ 160.597834][ T8809] dump_stack_lvl+0x116/0x1f0 [ 160.599340][ T8809] __lock_acquire+0x878/0x3c40 [ 160.600704][ T8809] ? __pfx___lock_acquire+0x10/0x10 [ 160.602175][ T8809] ? __pfx___lock_acquire+0x10/0x10 [ 160.603577][ T8809] lock_acquire.part.0+0x11b/0x380 [ 160.604933][ T8809] ? __lock_task_sighand+0xc2/0x340 [ 160.606885][ T8809] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 160.608893][ T8809] ? rcu_is_watching+0x12/0xc0 [ 160.610607][ T8809] ? trace_lock_acquire+0x14e/0x1f0 [ 160.612466][ T8809] ? trace_lock_acquire+0x14e/0x1f0 [ 160.614311][ T8809] ? __lock_task_sighand+0xc2/0x340 [ 160.616140][ T8809] ? lock_acquire+0x2f/0xb0 [ 160.617804][ T8809] ? __lock_task_sighand+0xc2/0x340 [ 160.619927][ T8809] _raw_spin_lock_irqsave+0x3a/0x60 [ 160.622074][ T8809] ? __lock_task_sighand+0xc2/0x340 [ 160.624103][ T8809] __lock_task_sighand+0xc2/0x340 [ 160.625857][ T8809] group_send_sig_info+0x290/0x300 [ 160.627241][ T8809] ? __pfx_group_send_sig_info+0x10/0x10 [ 160.628721][ T8809] ? __pfx___lock_acquire+0x10/0x10 [ 160.630117][ T8809] ? aa_file_perm+0x4c6/0xfe0 [ 160.631375][ T8809] bpf_send_signal_common+0x415/0x520 [ 160.632854][ T8809] ? __pfx_bpf_send_signal_common+0x10/0x10 [ 160.634431][ T8809] ? trace_lock_acquire+0x14e/0x1f0 [ 160.635817][ T8809] ? bpf_trace_run2+0x1c2/0x590 [ 160.637161][ T8809] bpf_send_signal+0x1d/0x30 [ 160.638419][ T8809] bpf_prog_631417f49dd64198+0x25/0x48 [ 160.639882][ T8809] bpf_trace_run2+0x231/0x590 [ 160.641222][ T8809] ? __pfx_bpf_trace_run2+0x10/0x10 [ 160.642763][ T8809] ? hlock_class+0x4e/0x130 [ 160.644095][ T8809] trace_contention_end.constprop.0+0xf0/0x170 [ 160.645890][ T8809] __pv_queued_spin_lock_slowpath+0x27e/0xc90 [ 160.647627][ T8809] ? bpf_lsm_inode_listsecurity+0x10/0x10 [ 160.649176][ T8809] ? __pfx___pv_queued_spin_lock_slowpath+0x10/0x10 [ 160.650913][ T8809] ? lock_acquire.part.0+0x11b/0x380 [ 160.652339][ T8809] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 160.653818][ T8809] do_raw_spin_lock+0x210/0x2c0 [ 160.655095][ T8809] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 160.656536][ T8809] ? lock_acquire+0x2f/0xb0 [ 160.657805][ T8809] ? io_worker_handle_work+0x9eb/0x1680 [ 160.659263][ T8809] io_worker_handle_work+0x9eb/0x1680 [ 160.660681][ T8809] io_wq_worker+0x33f/0xdf0 [ 160.661930][ T8809] ? __pfx_io_wq_worker+0x10/0x10 [ 160.663277][ T8809] ? ret_from_fork+0x23/0x80 [ 160.664505][ T8809] ? __pfx_lock_release+0x10/0x10 [ 160.665836][ T8809] ? do_raw_spin_lock+0x12d/0x2c0 [ 160.667171][ T8809] ? __pfx_do_raw_spin_lock+0x10/0x10 [ 160.668587][ T8809] ? __pfx_io_wq_worker+0x10/0x10 [ 160.669926][ T8809] ret_from_fork+0x45/0x80 [ 160.671108][ T8809] ? __pfx_io_wq_worker+0x10/0x10 [ 160.672498][ T8809] ret_from_fork_asm+0x1a/0x30 [ 160.673840][ T8809] [ 161.125091][ T1134] netdevsim netdevsim0 eth3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.178438][ T1134] netdevsim netdevsim0 eth2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.277607][ T1134] netdevsim netdevsim0 eth1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.327867][ T1134] netdevsim netdevsim0 eth0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.406508][ T1134] netdevsim netdevsim4 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.450367][ T1134] netdevsim netdevsim4 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.509542][ T1134] netdevsim netdevsim4 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.578499][ T1134] netdevsim netdevsim4 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.668711][ T1134] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.728745][ T1134] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.789034][ T1134] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 161.848725][ T1134] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 162.175565][ T1134] bridge_slave_1: left allmulticast mode [ 162.177258][ T1134] bridge_slave_1: left promiscuous mode [ 162.178928][ T1134] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.181561][ T1134] bridge_slave_0: left allmulticast mode [ 162.183061][ T1134] bridge_slave_0: left promiscuous mode [ 162.184571][ T1134] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.188316][ T1134] bridge_slave_1: left allmulticast mode [ 162.189797][ T1134] bridge_slave_1: left promiscuous mode [ 162.191737][ T1134] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.195008][ T1134] bridge_slave_0: left allmulticast mode [ 162.197434][ T1134] bridge_slave_0: left promiscuous mode [ 162.199020][ T1134] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.202434][ T1134] bridge_slave_1: left allmulticast mode [ 162.204401][ T1134] bridge_slave_1: left promiscuous mode [ 162.207293][ T1134] bridge0: port 2(bridge_slave_1) entered disabled state [ 162.210658][ T1134] bridge_slave_0: left allmulticast mode [ 162.212192][ T1134] bridge_slave_0: left promiscuous mode [ 162.213838][ T1134] bridge0: port 1(bridge_slave_0) entered disabled state [ 162.721484][ T1134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 162.727390][ T1134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 162.732157][ T1134] bond0 (unregistering): Released all slaves [ 162.741696][ T1134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 162.746100][ T1134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 162.750430][ T1134] bond0 (unregistering): Released all slaves [ 162.862147][ T1134] bond0 (unregistering): Released all slaves [ 162.954830][ T1134] bond1 (unregistering): Released all slaves [ 163.033873][ T1134] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 163.037016][ T1134] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 163.039571][ T1134] bond0 (unregistering): Released all slaves [ 163.042622][ T1134] bond1 (unregistering): Released all slaves [ 163.154869][ T1134] tipc: Left network mode [ 163.807486][ T1134] hsr_slave_0: left promiscuous mode [ 163.809214][ T1134] hsr_slave_1: left promiscuous mode [ 163.810850][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 163.812896][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 163.815062][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 163.817099][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.820977][ T1134] hsr_slave_0: left promiscuous mode [ 163.822742][ T1134] hsr_slave_1: left promiscuous mode [ 163.824436][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 163.826684][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 163.829029][ T1134] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 163.831463][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.834858][ T1134] hsr_slave_0: left promiscuous mode [ 163.836801][ T1134] hsr_slave_1: left promiscuous mode [ 163.840204][ T1134] hsr_slave_0: left promiscuous mode [ 163.842128][ T1134] hsr_slave_1: left promiscuous mode [ 163.843896][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 163.846160][ T1134] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 163.851411][ T1134] veth1_macvtap: left promiscuous mode [ 163.852944][ T1134] veth0_macvtap: left promiscuous mode [ 163.854458][ T1134] veth1_vlan: left promiscuous mode [ 163.855877][ T1134] veth0_vlan: left promiscuous mode [ 163.858727][ T1134] veth1_macvtap: left promiscuous mode [ 163.860218][ T1134] veth0_macvtap: left promiscuous mode [ 163.861759][ T1134] veth1_vlan: left promiscuous mode [ 163.863154][ T1134] veth0_vlan: left promiscuous mode [ 163.865080][ T1134] veth1_macvtap: left promiscuous mode [ 163.867703][ T1134] veth0_macvtap: left promiscuous mode [ 163.869184][ T1134] veth1_vlan: left promiscuous mode [ 163.870624][ T1134] veth0_vlan: left promiscuous mode [ 164.164522][ T1134] team0 (unregistering): Port device team_slave_1 removed [ 164.218423][ T1134] team0 (unregistering): Port device team_slave_0 removed [ 164.570754][ T1134] team0 (unregistering): Port device team_slave_1 removed [ 164.615341][ T1134] team0 (unregistering): Port device team_slave_0 removed [ 165.558952][ T1134] team0 (unregistering): Port device wg2 removed [ 166.430160][ T1134] team0 (unregistering): Port device team_slave_1 removed [ 166.508783][ T1134] team0 (unregistering): Port device team_slave_0 removed [ 168.460097][ T1134] IPVS: stop unused estimator thread 0... [ 168.462230][ T1134] IPVS: stop unused estimator thread 0... VM DIAGNOSIS: 02:14:38 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000031 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85142e65 RDI=ffffffff9a6672c0 RBP=ffffffff9a667280 RSP=ffffc90022e8f170 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=2d2d2d2d2d2d2d2d R12=0000000000000000 R13=0000000000000031 R14=ffffffff85142e00 R15=0000000000000000 RIP=ffffffff85142e8f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00007f18152adee6 CR3=000000006b56c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000080000 RBX=0000000000000003 RCX=ffffc9000c001000 RDX=0000000000080000 RSI=ffffffff81484a34 RDI=ffffffff81484a21 RBP=ffff88802a50f910 RSP=ffffc9002497f790 R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff901ce497 R11=0000000000000001 R12=0000000000000003 R13=0000000000000003 R14=ffff88802b53fc40 R15=ffffed10054a1f22 RIP=ffffffff81484a36 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002e5faffc CR3=000000006b56c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000001 RBX=0000000000000002 RCX=ffffffff81756c2c RDX=fffffbfff2039c93 RSI=ffffffff8bb16f40 RDI=ffffffff8bb16f80 RBP=0000000000000000 RSP=ffffc90025eaf380 R8 =0000000000000000 R9 =fffffbfff2039c92 R10=ffffffff901ce497 R11=000000000000ed85 R12=0000000000000000 R13=000000000003da4c R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8b1a3fa0 RFL=00000283 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020428000 CR3=000000006ee04000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000018800000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=ffff88802b728a30 RCX=ffffffff8145c1d2 RDX=1ffffffff1b05f9f RSI=ffffffff8bb16f40 RDI=0000000000000003 RBP=1ffff920000bf1e3 RSP=ffffc900005f8ee8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=ffffc900005f8ff8 R12=0000000000028a30 R13=ffff888029dd0000 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff813e4e24 RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c29e38a CR3=000000006ee04000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fefeff00 Opmask01=000000000000007f Opmask02=000000000101007f Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 003d45444f4d5645 44003d524f4e494d ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcd6d585d0 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a2a2a2a2a2a2a2a 2a2a2a2a2a2a2a2a ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffff000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffff00000000 ffffffff00000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffff000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffff00 ffffffffffffffff ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 d626b818fc310766 7373260094b8fadf ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 73737373737373e2 7373737373737373 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000000f1 0000000000000020 0000000000000000 00454d414e564544 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4a414d003d454d 414e564544003d58 45444e494649003d 4550595456454400 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4f4a414d0018454d 414e564544001858 45444e4946490018 4550595456454400 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000041 0000000000000000 32706f6f6c2f6b63 6f6c622f6c617574 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005576b09fe2f0 00007f1800627375 0000000000000021 000000000000302e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7b27697a787c7a30 23333a3a38263342 4943213f395b2249 5a6e786b6e646b7e ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a263b383a3a263a 383a3a26493b3a3a 26483b3a3a264b3b 3a0a00307f617930 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000