last executing test programs: 4.162990206s ago: executing program 2 (id=252): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='memory.stat\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000240)={'#! ', './file0'}, 0xb) bpf$BPF_MAP_CONST_STR_FREEZE(0x16, &(0x7f0000000140)={r0, 0xffffffffffffffff}, 0x4) bpf$PROG_LOAD(0x5, &(0x7f0000000600)={0xd, 0x32, &(0x7f0000000440)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x7, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@cb_func={0x18, 0x9, 0x4, 0x0, 0x3}, @snprintf={{}, {}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x1}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r1}}, @map_idx={0x18, 0x5, 0x5, 0x0, 0x5}, @printk={@x, {}, {}, {}, {}, {0x7, 0x0, 0xb, 0x3, 0x0, 0x0, 0x8}}, @map_idx_val={0x18, 0x2, 0x6, 0x0, 0x2, 0x0, 0x0, 0x0, 0x4}, @map_fd={0x18, 0x3, 0x1, 0x0, r0}, @cb_func={0x18, 0xb, 0x4, 0x0, 0xfffffffffffffffc}, @btf_id={0x18, 0x1, 0x3, 0x0, 0x5}, @map_fd={0x18, 0x9, 0x1, 0x0, r0}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000380)='syzkaller\x00', 0xa, 0x95, &(0x7f0000000180)=""/149, 0x0, 0x0, '\x00', 0x0, @sock_ops, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r2 = openat$kvm(0xffffff9c, &(0x7f0000000040), 0x480, 0x0) ioctl$KVM_GET_SUPPORTED_CPUID(r2, 0xc008ae05, &(0x7f0000000300)=""/15) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mount(0x0, &(0x7f00000002c0)='./file0\x00', &(0x7f0000000080)='hugetlbfs\x00', 0x0, 0x0) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r0, 0x0) r3 = syz_genetlink_get_family_id$devlink(&(0x7f0000000080), r0) sendmsg$DEVLINK_CMD_SB_TC_POOL_BIND_SET(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x1}, 0xc, &(0x7f00000000c0)={&(0x7f0000000340)=ANY=[@ANYBLOB="14000000", @ANYRES16=r3, @ANYBLOB="00042cbd7000ffdbdf25180000006a25dd46a5c48fe040f19bfb88689477fbb0348ea49516"], 0x14}, 0x1, 0x0, 0x0, 0x80}, 0x810) pselect6(0x0, 0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)={0x0}) 3.313035131s ago: executing program 2 (id=259): r0 = socket$igmp(0x2, 0x3, 0x2) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(r1, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000200)={0x28, 0x3, 0x8, 0x3, 0x0, 0x0, {0x7, 0x0, 0x6}, [@CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x84}, @CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @udp=[@CTA_TIMEOUT_UDP_UNREPLIED={0x8, 0x1, 0x1, 0x0, 0x4}]}]}, 0x28}, 0x1, 0x0, 0x0, 0x40004}, 0x40) r2 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000000), 0x0) ioctl$SNDRV_TIMER_IOCTL_SELECT(r2, 0x40345410, &(0x7f00000083c0)={{0x1}}) readv(r2, &(0x7f0000000200)=[{&(0x7f0000003140)=""/4096, 0x8}], 0xe) ioctl$SNDRV_TIMER_IOCTL_START(r2, 0x54a0) r3 = socket$inet6_sctp(0xa, 0x5, 0x84) r4 = socket$inet6_sctp(0xa, 0x1, 0x84) r5 = syz_open_dev$vim2m(&(0x7f0000000400), 0x0, 0x2) open_by_handle_at(r5, &(0x7f00000001c0)=@FILEID_BTRFS_WITH_PARENT_ROOT={0x28, 0x4e, {0x7fff, 0x40, 0x1ff80, 0x3, 0xfa2c, 0x7}}, 0x115403) getsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX3(r4, 0x84, 0x6f, &(0x7f0000000280)={0x0, 0x10, &(0x7f0000000000)=[@in={0x2, 0x4e20, @rand_addr=0x64010100}]}, 0x0) getsockopt$inet_sctp6_SCTP_MAX_BURST(r4, 0x84, 0x83, &(0x7f0000000000)=@assoc_value={0x0}, &(0x7f00000004c0)=0x27) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER_VALUE(r3, 0x84, 0x7c, &(0x7f0000000100)={r6, 0x38c, 0x401}, 0x8) syz_genetlink_get_family_id$ieee802154(&(0x7f0000000040), 0xffffffffffffffff) futex(&(0x7f00000000c0), 0x0, 0x0, 0x0, 0x0, 0x2) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x4) futex(&(0x7f00000040c0), 0x7, 0x0, 0x0, 0x0, 0x0) r7 = socket$inet_sctp(0x2, 0x5, 0x84) r8 = openat$drirender128(0xffffff9c, &(0x7f0000000140), 0x400080, 0x0) ioctl$DRM_IOCTL_RM_MAP(r8, 0x4018641b, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x0, &(0x7f00003c9000/0x2000)=nil}) bind$inet(r7, &(0x7f0000000080)={0x2, 0x4e22, @empty}, 0x10) listen(r7, 0x1ff) connect$inet(r7, &(0x7f0000000040)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r7, &(0x7f0000000100)="ab", 0x1, 0xe61e2840a154b0c0, &(0x7f0000000000)={0x2, 0x4e22, @remote}, 0x10) setsockopt$MRT_ADD_MFC_PROXY(r0, 0x0, 0xd2, 0x0, 0xfffffffffffffe98) 3.213484057s ago: executing program 1 (id=260): syz_open_dev$sndctrl(&(0x7f0000000180), 0xe, 0x1378c1) r0 = openat$audio(0xffffffffffffff9c, 0x0, 0x88602, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$IP6T_SO_SET_ADD_COUNTERS(r1, 0x29, 0x41, &(0x7f0000000040)=ANY=[], 0x44) r2 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) move_pages(0x0, 0x2, &(0x7f0000000000)=[&(0x7f0000a0e000/0x4000)=nil, &(0x7f000086a000/0x2000)=nil], &(0x7f0000000180), &(0x7f0000000300), 0x0) r3 = dup(r2) ioctl$BTRFS_IOC_SET_FEATURES(r0, 0x40309439, &(0x7f0000000140)={0x2, 0x1, 0x4}) socket$inet_tcp(0x2, 0x1, 0x0) getuid() write$6lowpan_enable(r3, &(0x7f0000000000)='0', 0xfffffd74) r4 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r4, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r4, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(r4, 0x7a5, &(0x7f00000000c0)={{@my=0x0}, 0x1}) syz_io_uring_setup(0x497, &(0x7f0000000400)={0x0, 0x5ca0, 0x800, 0x4000004, 0x30a}, 0x0, &(0x7f0000000280)) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="06000000040000000800000008"], 0x50) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000001080)={0x3, 0xc, &(0x7f0000000000)=@framed={{}, [@ringbuf_output={{0x18, 0x5, 0x1, 0x0, r5}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x45}}]}, &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000000c0)={r6, 0x0, 0xb, 0x0, &(0x7f00000002c0)="e02742e86c0d85ff978276", 0x0, 0x40000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x4c) r7 = syz_init_net_socket$bt_l2cap(0x1f, 0x1, 0x0) shutdown(r7, 0x0) openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0xa8442, 0x0) r8 = socket$netlink(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r8, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000001200)={&(0x7f00000006c0)=ANY=[@ANYBLOB="380000000314010000000000000008000900020073797a310000000008004100736977001400330073797a6b616c6c657230"], 0x38}, 0x1, 0x0, 0x0, 0x20008000}, 0x0) r9 = socket$netlink(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000000)={'veth0_virt_wifi\x00', 0x0}) sendmsg$nl_route(r9, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000100)=ANY=[@ANYBLOB, @ANYRES32=r10, @ANYBLOB="800202000a0002"], 0x48}}, 0x4) 2.757575351s ago: executing program 0 (id=262): creat(0x0, 0x0) (async) mkdir(0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) (async) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) (async) r1 = socket(0x40000000015, 0x5, 0x0) bind$inet(r1, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) (async, rerun: 32) setsockopt$RDS_CONG_MONITOR(r1, 0x114, 0x6, &(0x7f0000000180), 0x4) (rerun: 32) mremap(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x1000, 0x0, &(0x7f00008b5000/0x1000)=nil) (async, rerun: 64) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={0x0}, 0x10) (async, rerun: 64) connect$pppoe(0xffffffffffffffff, &(0x7f0000000100)={0x18, 0x0, {0x11ff, @broadcast, 'bond_slave_1\x00'}}, 0x1e) (async) r2 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000300)=[{&(0x7f0000000040)="2e00000010008108040f80ecdb4cb92e0a480e000f000000e8bd6efb250314000e000100240248ff050005001200", 0x2e}], 0x1}, 0x40880) 2.757109717s ago: executing program 1 (id=263): gettid() socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x50313134, 0x0, 0xa, [{}, {0x10}]}}) socket(0x2c, 0x803, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x118, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0x104, 0x1, [@m_ct={0xac, 0xb, 0x0, 0x0, {{0x7}, {0x30, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @local}, @TCA_CT_MARK={0x8, 0x5, 0x1ff}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @initdev={0xac, 0x1e, 0x1, 0x0}}, @TCA_CT_LABELS={0x14, 0x7, "e676ce1a91d1ed1211b456a99b6294c7"}]}, {0x55, 0x6, "63571f949496b26900c4e5ccf38b213c50acfaf282bc366a8fede9c7695af61557ec9f83f05c5d37cd6e6651ece8339ddaf06b373c6a8fc26d7f6e54098c2af235987c9847f2c2c5eeb64a7263c786257f"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_ife={0x54, 0x201b, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x1}}}]}, {0xf, 0x6, "d8378a6ad864825bb979f5"}, {0xc}, {0xc}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x804}, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000380)=@rc, 0x80, 0x0}, 0x2002) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0cc5640, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) pipe2(0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000300)={0x84, @loopback, 0x4e22, 0x1, 'nq\x00', 0x0, 0x10000}, 0x2c) 2.4411607s ago: executing program 2 (id=264): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000040)=0x100000001, 0x76dc) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000680)={0xffffffffffffffff, 0xffffffffffffffff}) setsockopt$sock_attach_bpf(r1, 0x1, 0x4c, &(0x7f0000000000), 0x4) (async) syz_io_uring_setup(0x497, &(0x7f0000000180)={0x0, 0x707b, 0x1c680, 0x4, 0x288}, 0x0, &(0x7f0000000280)) (async) bpf$MAP_CREATE(0x0, 0x0, 0x0) (async) bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=ANY=[], 0x48) socket$inet_smc(0x2b, 0x1, 0x0) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb3, &(0x7f0000000140)=""/179, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) (async) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000200)='hugetlb.2MB.rsvd.usage_in_bytes\x00', 0x275a, 0x0) (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) (async) r4 = getpid() sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) (async) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r5, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r6, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) (async) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x1, 0x1, 0x25dfdbff, {0x0, 0x0, 0x0, 0x0, 0x10b85}, [@IFLA_IFNAME={0x14, 0x3, 'macsec0\x00'}, @IFLA_ADDRESS={0xa, 0x1, @local}]}, 0x40}, 0x1, 0x0, 0x0, 0x90}, 0x0) (async) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0xf, 0x15, &(0x7f0000000280)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x0, 0xfff, @void, @value}, 0x94) (async) bpf$BPF_GET_PROG_INFO(0xa, 0x0, 0x0) recvmsg$can_bcm(r3, &(0x7f0000001c40)={&(0x7f00000002c0)=@xdp, 0x80, &(0x7f0000000340)=[{&(0x7f00000006c0)=""/4096, 0x1000}], 0x1, &(0x7f0000000480)=""/134, 0x86}, 0x40010060) (async) r8 = syz_genetlink_get_family_id$batadv(&(0x7f0000000080), 0xffffffffffffffff) (async) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(0xffffffffffffffff, 0x8933, &(0x7f0000000140)={'batadv0\x00', 0x0}) sendmsg$BATADV_CMD_GET_NEIGHBORS(0xffffffffffffffff, &(0x7f0000004340)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f00000002c0)=ANY=[@ANYBLOB="1c00", @ANYRES16=r8, @ANYBLOB="310300000000000000000500000008000300", @ANYRES32=r9], 0x1c}}, 0x0) (async) mmap$xdp(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x2, 0x42031, 0xffffffffffffffff, 0x1000000) 2.113430527s ago: executing program 0 (id=266): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'bridge_slave_0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="340000001100010000ffff000000000007000000", @ANYRES32=r2, @ANYBLOB="000000002000000014001a8010000480"], 0x34}}, 0x0) 2.112847828s ago: executing program 3 (id=267): mkdirat(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', 0x0) pipe2$9p(&(0x7f0000000240)={0xffffffffffffffff, 0xffffffffffffffff}, 0x0) r2 = dup(r1) write$FUSE_BMAP(r2, &(0x7f0000000100)={0x18}, 0x18) r3 = signalfd(0xffffffffffffffff, &(0x7f0000006540), 0x8) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$ieee802154(&(0x7f0000001ac0), r4) r6 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$IEEE802154_LLSEC_DEL_KEY(r6, &(0x7f0000005bc0)={0x0, 0x0, &(0x7f0000005b80)={&(0x7f0000000000)={0x3c, r5, 0x1, 0x70bd24, 0x25dfdbff, {}, [@IEEE802154_ATTR_PAN_ID={0x6, 0x6, 0xfffc}, @IEEE802154_ATTR_DEV_NAME={0xa, 0x1, 'wpan0\x00'}, @IEEE802154_ATTR_LLSEC_KEY_MODE={0x5}, @IEEE802154_ATTR_HW_ADDR={0xc, 0x5, {0x200aaaaaaaaaaaa}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000044) r7 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000c00)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000040)=@ipv4_delroute={0x24, 0x18, 0x901, 0x0, 0x0, {}, [@RTA_DST={0x8, 0x1, @dev}]}, 0x24}}, 0x0) fcntl$lock(r3, 0x24, &(0x7f0000000680)={0x0, 0x2, 0x1ff, 0x7fffffff, 0xffffffffffffffff}) syz_emit_vhci(&(0x7f0000000a80)=ANY=[@ANYBLOB="043b0aaaaaa8aaaa1103000000"], 0xd) r8 = socket$nl_route(0x10, 0x3, 0x0) getsockopt$inet_mreqn(r8, 0x0, 0x20, &(0x7f00000000c0)={@broadcast, @rand_addr, 0x0}, &(0x7f0000000140)=0xc) sendmsg$nl_route(r8, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000780)={&(0x7f0000000080)=@bridge_setlink={0x0, 0x13, 0x100, 0x70bd28, 0x25dfdbfd, {0x7, 0x0, 0x0, r9, 0x12, 0x1300eb80a77959db}, [@IFLA_CARRIER={0x0, 0x21, 0x8}]}, 0x38}}, 0x28004002) setsockopt$inet6_udp_int(r2, 0x11, 0x66, &(0x7f0000000040)=0x4, 0x4) write$FUSE_DIRENT(r2, &(0x7f0000000000)=ANY=[@ANYBLOB="58000000000000009fed2788c5532994414b47034801d524faf416638217", @ANYRES32], 0x58) mount$9p_fd(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000140)=ANY=[]) chdir(&(0x7f0000000100)='./file0\x00') read$FUSE(r0, &(0x7f0000002380)={0x2020}, 0x2020) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) 2.112391784s ago: executing program 2 (id=268): bpf$TOKEN_CREATE(0x24, &(0x7f0000000000), 0x8) bpf$MAP_CREATE(0x0, &(0x7f0000000400)=@base={0xb, 0x8, 0x110001, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) syz_open_procfs(0x0, &(0x7f0000000100)='mountstats\x00') syz_io_uring_setup(0x460, &(0x7f0000000480)={0x0, 0x40000020, 0x10, 0x2, 0x34f}, &(0x7f0000000040), &(0x7f0000000000)) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="1b8000e54bcf8fdcaca3513ca25c25deacd180f500", @ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB='\x00'/28], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x3, &(0x7f0000000240)=@framed, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendto$inet6(0xffffffffffffffff, &(0x7f0000000500), 0x0, 0x48004, &(0x7f0000000180)={0xa, 0x4e20, 0xc, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', 0x7}, 0x1c) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1b, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x0, 0x2}}}]}, {0x4}, {0xc}, {0xc, 0x8, {0x0, 0x1}}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f00000004c0)='/proc/asound/seq/clients\x00', 0x0, 0x0) r4 = openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0) ioctl$UI_DEV_SETUP(r4, 0x405c5503, &(0x7f0000000280)={{0x5}, 'syz1\x00', 0x10}) ioctl$UI_DEV_CREATE(r4, 0x5501) syz_open_dev$evdev(&(0x7f0000000340), 0xaa54, 0x0) ioctl$UI_DEV_DESTROY(r4, 0x5502) lseek(r3, 0x1e, 0x2) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) mount$afs(0x0, &(0x7f0000002840)='./file0\x00', &(0x7f0000002880), 0x700, &(0x7f00000000c0)={[{@dyn}]}) lchown(&(0x7f0000000000)='./file0\x00', 0x0, 0x0) umount2(&(0x7f0000000040)='./file0\x00', 0xb) (fail_nth: 9) 2.042056988s ago: executing program 3 (id=269): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd74) r3 = syz_io_uring_setup(0x917, &(0x7f0000000300)={0x0, 0xb1d9, 0x200, 0x1000001, 0x1ad}, &(0x7f0000000180)=0x0, &(0x7f0000000200)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, 0x0, 0x0, 0x4) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f00000000c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x140, 0x0, {0x1, r5}}) io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0) r6 = io_uring_setup(0x54a0, &(0x7f0000000000)={0x0, 0x70e5, 0x2, 0x2, 0xf2}) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r6, 0x13, &(0x7f0000000080)=[0x5, 0xa22], 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x3, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7050000000000006110480000000000dc0500004000000095000000000000009abb1723bf24203831c9545b21c751ee4024f479cbe4b89f9808837203000000000000c2d182c7a3221481f5009edaf5f5ac058299e10e790a198f42a715b99fb3d2a73dd025848710155ad1efd7d991408000000000000085a0db0401fa29e075b7ab0408a0d8cfceeb23465bb027ee1151c02af21d8f9aa57e673a6724441d08087aff070eda8abef22b3a806c8226f5a2886c93bd29b37252ba4a6e9cc5f69e75680c431aa855e487ae513abd6c4ee973fce29a26018ed5e0780f8778a602a3533a3dac7da4fe491edf3abfa7bf871c58848ac46ada6776bd9b85df01e626026a59ddfa7a9c879acbfb0bf426785dec7d8611dc850df49ed8633bdb83dd505fb20649f53841a0e200c91f5bf1bb186ed87efc7b6f8859d029c8376ca19265e281fea0a6fd2222f8850c8445758503ede0ce1b3f73ecd8989e8c53c5e679b13802bddf80f3b1d07d6d68bfa12ab34697d40ac1150a842f8bb381344b994c19642a10eb30845a993daaa8bd4aebc595475feb3475d8e802498382e73edb98fcf2df96ab3c870490c4"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xc3, &(0x7f0000000300)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080)={0x0, 0x10}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r7, 0x400448cb, 0x0) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r9 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000049c0)={0x18, 0x2e, &(0x7f0000000e80)=ANY=[@ANYBLOB="180000000000008000000000f8ffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000007b70300000000ec2464f1027dd5ff00008500000083000000bf09000000000000550901000000000095000000000000008520000005000000183b000003000000000000e9e0ff3d0018110000", @ANYRES32=r2, @ANYBLOB, @ANYRESOCT, @ANYBLOB="00000000fcffffff1801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000000850000000600000006580600000800001800000099000000000000000300000018340000040000000000000000000000182a0000", @ANYRESOCT=r2, @ANYBLOB="000000000b00000018400000020000000000000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x45057bf4ccb05c67, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r10, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) write$dsp(r9, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SETFMT(r9, 0x40045010, &(0x7f0000000300)=0x3) ioctl$SNDCTL_DSP_RESET(r9, 0x5000, 0x0) bind$bt_hci(r8, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) write(r8, &(0x7f0000000040)="05000000010000", 0x7) 2.041862612s ago: executing program 0 (id=270): listen(0xffffffffffffffff, 0x3) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000080)=@ipv6_delrule={0x4c, 0x18, 0x1, 0x0, 0x0, {0xa, 0x0, 0x10, 0x0, 0x0, 0x3, 0x0, 0x8}, [@FIB_RULE_POLICY=@FRA_SUPPRESS_PREFIXLEN={0x8, 0xe, 0xbbaa}, @FRA_DST={0x14, 0x1, @empty}, @FRA_SRC={0x14, 0x2, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01'}]}, 0x4c}}, 0x20000000) 2.031580074s ago: executing program 0 (id=271): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340), 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48) r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_triestat\x00') preadv(r4, &(0x7f00000001c0)=[{0x0}], 0x1, 0x0, 0x6) fsopen(&(0x7f0000000280)='cifs\x00', 0x0) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x21, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000000100)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x8}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x6, 0x0, 0xb, 0xa}, {0xf}}, [@printk={@lu, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0x2, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x7, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = socket$inet_tcp(0x2, 0x1, 0x0) r7 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000300)='source', &(0x7f00000000c0)='%(,:', 0x0) close_range(r6, 0xffffffffffffffff, 0x0) 1.903190353s ago: executing program 3 (id=272): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1bea000000000000000000000000040000000000", @ANYRES32=0x0, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB='\x00'/28], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000900)={0x11, 0xf, &(0x7f00000004c0)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [], {{}, {}, {0x85, 0x0, 0x0, 0x84}}}, &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x21, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async) mmap(&(0x7f0000001000/0xc00000)=nil, 0xc00000, 0x1000004, 0x3b071, 0xffffffffffffffff, 0x0) r2 = openat$vimc1(0xffffff9c, &(0x7f0000000940), 0x2, 0x0) ioctl$VIDIOC_TRY_EXT_CTRLS(r2, 0xc0185649, &(0x7f0000000a00)={0x0, 0x1ff, 0x0, 0xffffffffffffffff, 0x0, &(0x7f00000009c0)={0x990a68}}) (async) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) pipe(0x0) (async) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setscheduler(0x0, 0x1, 0x0) (async) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000440)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) (async) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r6 = socket$inet6(0xa, 0x80002, 0x0) connect$inet6(r6, &(0x7f0000000000)={0xa, 0x0, 0x4000000, @mcast1, 0x5}, 0x1c) (async) r7 = openat$vim2m(0xffffff9c, &(0x7f00000002c0), 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(r7, 0xc0d05604, &(0x7f0000000cc0)={0x1}) (async) setsockopt$inet6_IPV6_HOPOPTS(r6, 0x29, 0x36, &(0x7f0000001440)=ANY=[], 0xc0) sendmmsg$inet6(r6, &(0x7f0000003cc0)=[{{0x0, 0x0, &(0x7f0000003980), 0x171}}], 0x400000000000172, 0x4000000) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000001440)={'\x00', 0x52d35ce30131f272}) (async) ioctl$TUNSETOFFLOAD(r3, 0x400454c9, 0x9) (async) ioctl$TUNSETLINK(r3, 0x400454cd, 0x206) (async) bpf$PROG_BIND_MAP(0xa, &(0x7f00000001c0)={r1}, 0xc) 1.842491853s ago: executing program 1 (id=273): gettid() socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x50313134, 0x0, 0xa, [{}, {0x10}]}}) socket(0x2c, 0x803, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x118, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0x104, 0x1, [@m_ct={0xac, 0xb, 0x0, 0x0, {{0x7}, {0x30, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @local}, @TCA_CT_MARK={0x8, 0x5, 0x1ff}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @initdev={0xac, 0x1e, 0x1, 0x0}}, @TCA_CT_LABELS={0x14, 0x7, "e676ce1a91d1ed1211b456a99b6294c7"}]}, {0x55, 0x6, "63571f949496b26900c4e5ccf38b213c50acfaf282bc366a8fede9c7695af61557ec9f83f05c5d37cd6e6651ece8339ddaf06b373c6a8fc26d7f6e54098c2af235987c9847f2c2c5eeb64a7263c786257f"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_ife={0x54, 0x201b, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x1}}}]}, {0xf, 0x6, "d8378a6ad864825bb979f5"}, {0xc}, {0xc}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x804}, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000380)=@rc, 0x80, 0x0}, 0x2002) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0cc5640, 0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000140)={0x0, &(0x7f0000000280)}, 0x10) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) pipe2(0x0, 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000300)={0x84, @loopback, 0x4e22, 0x1, 'nq\x00', 0x0, 0x10000}, 0x2c) 1.583768358s ago: executing program 3 (id=274): gettid() socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x50313134, 0x0, 0xa, [{}, {0x10}]}}) socket(0x2c, 0x803, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x118, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0x104, 0x1, [@m_ct={0xac, 0xb, 0x0, 0x0, {{0x7}, {0x30, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @local}, @TCA_CT_MARK={0x8, 0x5, 0x1ff}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @initdev={0xac, 0x1e, 0x1, 0x0}}, @TCA_CT_LABELS={0x14, 0x7, "e676ce1a91d1ed1211b456a99b6294c7"}]}, {0x55, 0x6, "63571f949496b26900c4e5ccf38b213c50acfaf282bc366a8fede9c7695af61557ec9f83f05c5d37cd6e6651ece8339ddaf06b373c6a8fc26d7f6e54098c2af235987c9847f2c2c5eeb64a7263c786257f"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_ife={0x54, 0x201b, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x1}}}]}, {0xf, 0x6, "d8378a6ad864825bb979f5"}, {0xc}, {0xc}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x804}, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000380)=@rc, 0x80, 0x0}, 0x2002) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0cc5640, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) pipe2(0x0, 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000300)={0x84, @loopback, 0x4e22, 0x1, 'nq\x00', 0x0, 0x10000}, 0x2c) 1.047417908s ago: executing program 2 (id=275): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) fcntl$setflags(r0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340), 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000380)=ANY=[@ANYRES32, @ANYBLOB='\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYBLOB], 0x48) r4 = syz_open_procfs(0x0, &(0x7f0000000000)='net/fib_triestat\x00') preadv(r4, &(0x7f00000001c0)=[{0x0}], 0x1, 0x0, 0x6) fsopen(&(0x7f0000000280)='cifs\x00', 0x0) r5 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f0000000000)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f0000002c40)={0x7, 0x17, &(0x7f0000000100)=@ringbuf={{}, {{0x18, 0x1, 0x1, 0x0, r5}, {}, {}, {0x85, 0x0, 0x0, 0x8}, {0x4, 0x1, 0xb, 0x9, 0x0, 0x8}}, {{0x6, 0x0, 0xb, 0xa}, {0xf}}, [@printk={@lu, {0x3, 0x3, 0x3, 0xa, 0x9}, {0x5, 0x1, 0x2, 0x1, 0x9}, {0x7, 0x0, 0x3}, {}, {}, {0x15}}], {{0x7, 0x1, 0x3, 0x3}, {0x5, 0x0, 0xb, 0x3}, {0x85, 0x0, 0x0, 0x76}}}, &(0x7f0000000080)='syzkaller\x00', 0x3, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = socket$inet_tcp(0x2, 0x1, 0x0) r7 = fsopen(&(0x7f0000000040)='afs\x00', 0x0) fsconfig$FSCONFIG_SET_STRING(r7, 0x1, &(0x7f0000000300)='source', &(0x7f00000000c0)='%(,:', 0x0) close_range(r6, 0xffffffffffffffff, 0x0) 841.878655ms ago: executing program 1 (id=276): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$TCSETAF(0xffffffffffffffff, 0x5408, &(0x7f0000000080)={0x49de, 0x3, 0x2, 0x7ff, 0x0, "03880d17f2cf8baf"}) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = openat$ttyS3(0xffffff9c, &(0x7f0000000100), 0x4000, 0x0) ioctl$TIOCSETD(r2, 0x5423, &(0x7f0000000140)=0xb) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r3, 0xae9a) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10000000, 0xfffffffffffffffe, 0x100, 0x0, 0x0, 0x5]}) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r4 = openat$apparmor_thread_current(0xffffff9c, &(0x7f0000000000), 0x2, 0x0) write$apparmor_current(r4, &(0x7f000001aa80)=ANY=[@ANYBLOB='permprofile &'], 0xff) ioctl$KVM_RUN(r3, 0xae80, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) r5 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x141001, 0x0) r6 = ioctl$KVM_CREATE_VM(r5, 0xae01, 0x0) ioctl$KVM_SET_NR_MMU_PAGES(r6, 0xae44, 0x1a9) r7 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x0, 0x0) ioctl$UI_SET_LEDBIT(r7, 0x40045569, 0x14) 705.077922ms ago: executing program 3 (id=277): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000002c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0xf, 0x0, 0x0, 0x41100, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x7, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, 0x0) r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000040)=0xfffffffe, 0x4) setsockopt$inet6_tcp_int(r0, 0x6, 0xa, &(0x7f0000000080)=0x6, 0x4) mmap(&(0x7f0000000000/0xfbe000)=nil, 0xfbe000, 0xb, 0x31, 0xffffffffffffffff, 0x0) syz_open_dev$vcsu(&(0x7f0000000280), 0xea47, 0x40881) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) mbind(&(0x7f00001fa000/0x2000)=nil, 0x2000, 0x1, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, 0x0) ioctl$SG_GET_VERSION_NUM(0xffffffffffffffff, 0x2284, &(0x7f0000000080)) r1 = socket$igmp6(0xa, 0x3, 0x2) sendmmsg$inet6(r1, &(0x7f00000000c0)=[{{&(0x7f00000001c0)={0xa, 0x0, 0x0, @mcast2}, 0x1c, 0x0}}], 0x1, 0x0) ioctl$sock_SIOCINQ(r1, 0x541b, &(0x7f0000000080)) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x8000002000000, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) r3 = syz_open_dev$dri(&(0x7f00000000c0), 0x1, 0x0) r4 = epoll_create1(0x80000) epoll_ctl$EPOLL_CTL_ADD(r4, 0x1, r3, &(0x7f00000003c0)={0xe0000000}) ioctl$DRM_IOCTL_WAIT_VBLANK(r3, 0xc018643a, &(0x7f0000000080)={0x4000000}) r5 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r5, 0x11b, 0x4, &(0x7f0000000080)={&(0x7f0000000000)=""/59, 0x304000, 0x1000, 0x0, 0x3}, 0x1c) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) 611.267745ms ago: executing program 0 (id=278): r0 = socket(0x200000000000011, 0xa, 0x0) ioctl$DRM_IOCTL_SET_CLIENT_CAP(0xffffffffffffffff, 0x4010640d, &(0x7f0000000040)={0x10}) r1 = syz_open_dev$hidraw(&(0x7f0000001c40), 0x1, 0x4b842) write$hidraw(r1, &(0x7f0000000bc0), 0xffffffae) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x18, 0x3, &(0x7f0000000240)=ANY=[@ANYBLOB="180000000000000000000087c52ae07fa3f70ae4000000000d088a8867899a9c3b33af1e0f0389fd35f2eac6f718c54785dea148f6c8bc8bf8c862a74dd8f7b03cf45d993fd8194d6dbaa0c34d39af62a178770827ac2eed4b45a92fbe4ceb9d623065472864c454e0673c88ebb7690f3b630cc28c2f9f845bf4b66a20d1b9ddb8d9cc44b78b267f47037f9076b4446d4787ad1636c109f9261c10e3c708b06e5226a032170af1ba557d1291a2fde932790b47e7d3a6"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f00000001c0)='ufshcd_exception_event\x00', r2}, 0x18) ioctl$HIDIOCGRDESC(r1, 0x40305829, &(0x7f0000000000)={0xe, "6f5481000000e800000000000003"}) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000100)={'bridge0\x00'}) socket$inet6(0xa, 0x2, 0x10f) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) r5 = dup(r4) sendmsg$IPSET_CMD_CREATE(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000004c0)=ANY=[@ANYRESHEX=r3], 0x64}, 0x1, 0x0, 0x0, 0x20000000}, 0x20000000) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000600)={0x11, 0xf, &(0x7f00000004c0)=ANY=[@ANYRES16=r0, @ANYRES32, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf09000000000000550901000000000095001a8e65fbf7946d47000000000000b7020000000000008500000085000000b7000000000000009500000000000000"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x1e00, 0x3c, '\x00', 0x0, 0x0, r5, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x10000000, @void, @value}, 0x94) r6 = dup(0xffffffffffffffff) write$6lowpan_enable(r6, &(0x7f0000000000)='0', 0xfffffd2c) r7 = syz_io_uring_setup(0x239, &(0x7f0000000380)={0x0, 0xfbc6, 0x10100, 0x8000003}, &(0x7f0000000080), 0x0) r8 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000040), 0x2) ioctl$SNDRV_TIMER_IOCTL_PVERSION(r8, 0x80045400, 0x0) openat(r6, 0x0, 0x40000, 0x1) io_uring_enter(r7, 0x2ded, 0x4000, 0x0, 0x0, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xf, 0x4008032, 0xffffffffffffffff, 0x41010000) r9 = userfaultfd(0x1) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x8) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00000, 0x15) syz_clone(0x20000, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$UFFDIO_API(r9, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r9, 0xc020aa00, &(0x7f0000000080)={{&(0x7f00000e2000/0xc00000)=nil, 0xc00000}, 0x2}) ioctl$UFFDIO_COPY(r9, 0xc028aa05, &(0x7f0000000180)={&(0x7f00002b9000/0x400000)=nil, &(0x7f00003ab000/0x2000)=nil, 0x400000, 0x2, 0x2}) socket$inet6(0xa, 0xa, 0x5) 610.993702ms ago: executing program 1 (id=279): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$OSF_MSG_REMOVE(r1, &(0x7f0000000340)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x8204040}, 0x5, &(0x7f0000000280)={&(0x7f0000000580)=ANY=[@ANYRES8, @ANYRESDEC=r0, @ANYBLOB="707c53466abb24f3c7bddad97a85ac1ea114c03546a81ade9aa6f8b97fe118f99f5f23f79ed6de7a12d6bcac228d09ebe67fd704e84bb0b0f2072229a903781c129b60bead34a90e07333007ad12bebadec681b4ba", @ANYRESDEC=0x0], 0x710}, 0x1, 0x0, 0x0, 0x40080}, 0x80) 533.701546ms ago: executing program 1 (id=280): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000b40)={0x11, 0x8, &(0x7f0000005c00)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) syz_open_dev$radio(&(0x7f0000000100), 0x3, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd74) r3 = syz_io_uring_setup(0x917, &(0x7f0000000300)={0x0, 0xb1d9, 0x200, 0x1000001, 0x1ad}, &(0x7f0000000180)=0x0, &(0x7f0000000200)) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, 0x0, 0x0, 0x4) ioctl$KVM_CREATE_VCPU(r2, 0xae41, 0x1) io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) r5 = io_uring_register$IORING_REGISTER_PERSONALITY(r3, 0x9, 0x0, 0x0) syz_io_uring_submit(r4, 0x0, &(0x7f00000000c0)=@IORING_OP_RECVMSG={0xa, 0x0, 0x0, r2, 0x0, 0x0, 0x0, 0x140, 0x0, {0x1, r5}}) io_uring_enter(r3, 0x47f6, 0x0, 0x0, 0x0, 0x0) r6 = io_uring_setup(0x54a0, &(0x7f0000000000)={0x0, 0x70e5, 0x2, 0x2, 0xf2}) io_uring_register$IORING_REGISTER_IOWQ_MAX_WORKERS(r6, 0x13, &(0x7f0000000080)=[0x5, 0xa22], 0x2) bpf$PROG_LOAD(0x5, &(0x7f0000000240)={0x3, 0x4, &(0x7f00000008c0)=ANY=[@ANYBLOB="b7050000000000006110480000000000dc0500004000000095000000000000009abb1723bf24203831c9545b21c751ee4024f479cbe4b89f9808837203000000000000c2d182c7a3221481f5009edaf5f5ac058299e10e790a198f42a715b99fb3d2a73dd025848710155ad1efd7d991408000000000000085a0db0401fa29e075b7ab0408a0d8cfceeb23465bb027ee1151c02af21d8f9aa57e673a6724441d08087aff070eda8abef22b3a806c8226f5a2886c93bd29b37252ba4a6e9cc5f69e75680c431aa855e487ae513abd6c4ee973fce29a26018ed5e0780f8778a602a3533a3dac7da4fe491edf3abfa7bf871c58848ac46ada6776bd9b85df01e626026a59ddfa7a9c879acbfb0bf426785dec7d8611dc850df49ed8633bdb83dd505fb20649f53841a0e200c91f5bf1bb186ed87efc7b6f8859d029c8376ca19265e281fea0a6fd2222f8850c8445758503ede0ce1b3f73ecd8989e8c53c5e679b13802bddf80f3b1d07d6d68bfa12ab34697d40ac1150a842f8bb381344b994c19642a10eb30845a993daaa8bd4aebc595475feb3475d8e802498382e73edb98fcf2df96ab3c870490c4"], &(0x7f00000002c0)='syzkaller\x00', 0x5, 0xc3, &(0x7f0000000300)=""/195, 0x0, 0x0, '\x00', 0x0, @sched_cls, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000080)={0x0, 0x10}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x18) r7 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) ioctl$sock_bt_hci(r7, 0x400448cb, 0x0) r8 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) r9 = openat$dsp(0xffffffffffffff9c, &(0x7f0000000000), 0x42, 0x0) r10 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000049c0)={0x18, 0x2e, &(0x7f0000000e80)=ANY=[@ANYBLOB="180000000000008000000000f8ffffff18110000", @ANYRES32, @ANYBLOB="0000000000000000b702000014000007b70300000000ec2464f1027dd5ff00008500000083000000bf09000000000000550901000000000095000000000000008520000005000000183b000003000000000000e9e0ff3d0018110000", @ANYRES32=r2, @ANYBLOB, @ANYRESOCT, @ANYBLOB="00000000fcffffff1801000020646c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000002000000850000000600000006580600000800001800000099000000000000000300000018340000040000000000000000000000182a0000", @ANYRESOCT=r2, @ANYBLOB="000000000b00000018400000020000000000000000000000bf91000000000000b7020000000000008500000084000000b7000000000000009500000000000000"], &(0x7f0000000080)='GPL\x00', 0x2, 0x0, 0x0, 0x45057bf4ccb05c67, 0x24, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x5, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r10, 0x0, 0xe, 0x0, &(0x7f0000000100)="e0b9547ed387dbe9abc89b6f5bec", 0x0, 0xe, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) write$dsp(r9, &(0x7f00000001c0)="5cba91a4", 0xffffffd9) ioctl$SNDCTL_DSP_SETFMT(r9, 0x40045010, &(0x7f0000000300)=0x3) ioctl$SNDCTL_DSP_RESET(r9, 0x5000, 0x0) bind$bt_hci(r8, &(0x7f0000000340)={0x1f, 0xffff, 0x3}, 0x6) write(r8, &(0x7f0000000040)="05000000010000", 0x7) 413.207761ms ago: executing program 3 (id=281): gettid() socket$inet_udplite(0x2, 0x2, 0x88) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x50313134, 0x0, 0xa, [{}, {0x10}]}}) socket(0x2c, 0x803, 0x0) r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000500)=@newtaction={0x118, 0x30, 0x1, 0x0, 0x25dfdbfc, {}, [{0x104, 0x1, [@m_ct={0xac, 0xb, 0x0, 0x0, {{0x7}, {0x30, 0x2, 0x0, 0x1, [@TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @local}, @TCA_CT_MARK={0x8, 0x5, 0x1ff}, @TCA_CT_NAT_IPV4_MAX={0x8, 0xa, @initdev={0xac, 0x1e, 0x1, 0x0}}, @TCA_CT_LABELS={0x14, 0x7, "e676ce1a91d1ed1211b456a99b6294c7"}]}, {0x55, 0x6, "63571f949496b26900c4e5ccf38b213c50acfaf282bc366a8fede9c7695af61557ec9f83f05c5d37cd6e6651ece8339ddaf06b373c6a8fc26d7f6e54098c2af235987c9847f2c2c5eeb64a7263c786257f"}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x3, 0x2}}}}, @m_ife={0x54, 0x201b, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c, 0x1, {{0x0, 0x1}}}]}, {0xf, 0x6, "d8378a6ad864825bb979f5"}, {0xc}, {0xc}}}]}]}, 0x70}, 0x1, 0x0, 0x0, 0x804}, 0x4) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r1, 0x8, &(0x7f0000000240)=0x2) recvmsg$kcm(0xffffffffffffffff, &(0x7f00000004c0)={&(0x7f0000000380)=@rc, 0x80, 0x0}, 0x2002) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = openat$vim2m(0xffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$vim2m_VIDIOC_TRY_FMT(r4, 0xc0cc5640, 0x0) socket$inet(0x2, 0x4000000000000001, 0x0) r5 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000ed07449e000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000540)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) pipe2(0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) r6 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$IP_VS_SO_SET_ADD(r6, 0x0, 0x482, &(0x7f0000000300)={0x84, @loopback, 0x4e22, 0x1, 'nq\x00', 0x0, 0x10000}, 0x2c) 72.863896ms ago: executing program 0 (id=282): r0 = socket(0xa, 0x3, 0x3a) r1 = io_uring_setup(0x192, &(0x7f0000000300)={0x0, 0x4cdb, 0x80, 0x8000000, 0x3d7}) r2 = openat$dsp1(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_DSP_CHANNELS(r2, 0xc0045006, &(0x7f0000000080)=0x48) read$FUSE(r2, &(0x7f00000009c0)={0x2020}, 0x2020) r3 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000040)=@req={0x3fc, 0x0, 0x0, 0x5}, 0x10) r4 = socket(0x1e, 0x4, 0x0) setsockopt$packet_tx_ring(r4, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc}, 0x10) sendmmsg(r4, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) sendmmsg(r3, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x101d0}], 0x1}}], 0x400000000000181, 0x9200000000000000) recvmmsg$unix(r3, &(0x7f00000043c0)=[{{0x0, 0x0, &(0x7f0000000580)=[{&(0x7f00000002c0)=""/240, 0xf0}], 0x1}}, {{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000640)=""/187, 0xbb}], 0x1}}, {{0x0, 0x0, &(0x7f0000002d00)=[{&(0x7f0000000900)=""/174, 0xae}], 0x1}}], 0x3, 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) setsockopt$inet6_int(r0, 0x29, 0xd1, &(0x7f0000000040)=0x20f, 0x4) r5 = socket$nl_generic(0x10, 0x3, 0x10) r6 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), 0xffffffffffffffff) r7 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000008"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000069000000000000000018110000", @ANYRES32=r7, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000fcffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x23, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, @void, @value}, 0x94) sendmsg$TIPC_NL_NAME_TABLE_GET(r5, &(0x7f0000000140)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x90410}, 0xc, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="78170000", @ANYRES16=r6, @ANYBLOB="000326bd7000fcdbdf25100000006400068004000500080006000200000040000300492023a55e1d00d0f9088fc5b775ae78915599b491ae97b7d3744b0da50f8e54f8f7c33c09d0ff4d200a1a1103cecd85111954d2dc11673852ede29b08000600ff010000040005000400050004000500"], 0x78}, 0x1, 0x0, 0x0, 0x8090}, 0x4002801) sendmsg$TIPC_NL_BEARER_ENABLE(r5, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000180)=ANY=[@ANYBLOB='`\x00\x00\x00', @ANYRES16=r6, @ANYBLOB="01005c804beab361de3e030000004c0001800d0001007564703a73797a300000000038000400140001"], 0x60}}, 0x0) 0s ago: executing program 2 (id=283): madvise(&(0x7f0000000000/0x800000)=nil, 0x800000, 0xe) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) pread64(0xffffffffffffffff, 0x0, 0x0, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x7, 0x2, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = openat$vim2m(0xffffffffffffff9c, &(0x7f0000000040), 0x2, 0x0) mprotect(&(0x7f00000ff000/0x14000)=nil, 0x14000, 0x0) ioctl$vim2m_VIDIOC_QUERYBUF(r4, 0xc044560f, &(0x7f0000000080)=@mmap={0x7f, 0x1, 0x4, 0x10, 0xb200, {}, {0x5, 0x0, 0x3, 0x0, 0x81, 0x2, "e43d8daa"}, 0x1, 0x1, {}, 0x10}) sendmsg$nl_route(r3, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000001640)={&(0x7f0000000040)=@ipv4_delroute={0x24, 0x1a, 0x1, 0x0, 0x0, {0xa, 0x0, 0x80, 0x0, 0x0, 0x2}, [@RTA_IP_PROTO={0x5, 0x1b, 0x3a}]}, 0x24}}, 0x0) io_uring_register$IORING_UNREGISTER_PERSONALITY(0xffffffffffffffff, 0x19, 0x20000000, 0x0) socket$packet(0x11, 0x3, 0x300) r5 = openat(0xffffffffffffff9c, &(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r5, &(0x7f0000000040)='./file0\x00', 0x0) mount(&(0x7f0000000040)=@nbd={'/dev/nbd', 0x0}, &(0x7f00000000c0)='./file0\x00', &(0x7f0000000100)='xfs\x00', 0x0, 0x0) (fail_nth: 3) r6 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x3}, 0x10, 0x0) r7 = socket$nl_rdma(0x10, 0x3, 0x14) sendmsg$RDMA_NLDEV_CMD_RES_MR_GET(r7, 0x0, 0x4000004) landlock_restrict_self(r6, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:49427' (ED25519) to the list of known hosts. [ 42.198381][ T5934] cgroup: Unknown subsys name 'net' [ 42.306689][ T5934] cgroup: Unknown subsys name 'cpuset' [ 42.310324][ T5934] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 43.168456][ T5934] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 46.418114][ T5954] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 46.419306][ T5961] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 46.420389][ T5954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 46.422708][ T5960] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 46.422926][ T5961] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 46.423591][ T5961] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 46.424006][ T5961] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 46.424296][ T5961] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 46.426244][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 46.426839][ T5960] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 46.427032][ T5960] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 46.427447][ T5960] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 46.427711][ T5960] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 46.439001][ T5962] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 46.443642][ T5954] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 46.445748][ T5962] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 46.449488][ T5962] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 46.451671][ T5962] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 46.451822][ T5954] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 46.455905][ T5954] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 46.661043][ T5948] chnl_net:caif_netlink_parms(): no params data found [ 46.748810][ T5946] chnl_net:caif_netlink_parms(): no params data found [ 46.805046][ T5947] chnl_net:caif_netlink_parms(): no params data found [ 46.871555][ T5956] chnl_net:caif_netlink_parms(): no params data found [ 46.887236][ T5948] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.889504][ T5948] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.891692][ T5948] bridge_slave_0: entered allmulticast mode [ 46.893958][ T5948] bridge_slave_0: entered promiscuous mode [ 46.940774][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state [ 46.943131][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 46.945453][ T5946] bridge_slave_0: entered allmulticast mode [ 46.947690][ T5946] bridge_slave_0: entered promiscuous mode [ 46.950838][ T5948] bridge0: port 2(bridge_slave_1) entered blocking state [ 46.952859][ T5948] bridge0: port 2(bridge_slave_1) entered disabled state [ 46.954811][ T5948] bridge_slave_1: entered allmulticast mode [ 46.957094][ T5948] bridge_slave_1: entered promiscuous mode [ 47.009597][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.012394][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.014360][ T5946] bridge_slave_1: entered allmulticast mode [ 47.016681][ T5946] bridge_slave_1: entered promiscuous mode [ 47.052211][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.054500][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.056931][ T5947] bridge_slave_0: entered allmulticast mode [ 47.059370][ T5947] bridge_slave_0: entered promiscuous mode [ 47.107660][ T5948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.110946][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.113035][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.115015][ T5947] bridge_slave_1: entered allmulticast mode [ 47.117283][ T5947] bridge_slave_1: entered promiscuous mode [ 47.147891][ T5948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.180989][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.217596][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.221686][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.224158][ T5956] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.226146][ T5956] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.228067][ T5956] bridge_slave_0: entered allmulticast mode [ 47.230413][ T5956] bridge_slave_0: entered promiscuous mode [ 47.251537][ T5948] team0: Port device team_slave_0 added [ 47.254498][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.287853][ T5956] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.290360][ T5956] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.293014][ T5956] bridge_slave_1: entered allmulticast mode [ 47.296124][ T5956] bridge_slave_1: entered promiscuous mode [ 47.300024][ T5948] team0: Port device team_slave_1 added [ 47.343337][ T5946] team0: Port device team_slave_0 added [ 47.407592][ T5947] team0: Port device team_slave_0 added [ 47.411382][ T5946] team0: Port device team_slave_1 added [ 47.428291][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.430792][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.437702][ T5948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.443221][ T5947] team0: Port device team_slave_1 added [ 47.458605][ T5956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.462816][ T5956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.465609][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.467524][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.474843][ T5948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.544252][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.546514][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.555176][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.574278][ T5956] team0: Port device team_slave_0 added [ 47.576578][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.578522][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.585379][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.590330][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.592806][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.600567][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.619213][ T5956] team0: Port device team_slave_1 added [ 47.632010][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.633922][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.640818][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.702169][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.705344][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.717035][ T5956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.725856][ T5948] hsr_slave_0: entered promiscuous mode [ 47.728680][ T5948] hsr_slave_1: entered promiscuous mode [ 47.752826][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.755243][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.763078][ T5956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.826230][ T5946] hsr_slave_0: entered promiscuous mode [ 47.828237][ T5946] hsr_slave_1: entered promiscuous mode [ 47.830062][ T5946] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.832656][ T5946] Cannot create hsr debugfs directory [ 47.841533][ T5947] hsr_slave_0: entered promiscuous mode [ 47.843475][ T5947] hsr_slave_1: entered promiscuous mode [ 47.845256][ T5947] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.847321][ T5947] Cannot create hsr debugfs directory [ 47.932498][ T5956] hsr_slave_0: entered promiscuous mode [ 47.934504][ T5956] hsr_slave_1: entered promiscuous mode [ 47.936324][ T5956] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.938517][ T5956] Cannot create hsr debugfs directory [ 48.210639][ T5948] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 48.216610][ T5948] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 48.224719][ T5948] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 48.228692][ T5948] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 48.248686][ T5947] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 48.254096][ T5947] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 48.257735][ T5947] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 48.263090][ T5947] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 48.305296][ T5956] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 48.313650][ T5956] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 48.317470][ T5956] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 48.328115][ T5956] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 48.369738][ T5946] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 48.374086][ T5946] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 48.379617][ T5946] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 48.390692][ T5946] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 48.425817][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.459146][ T5948] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.467998][ T5947] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.474820][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.476881][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.485820][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.487914][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.502286][ T5954] Bluetooth: hci0: command tx timeout [ 48.502446][ T5962] Bluetooth: hci1: command tx timeout [ 48.504031][ T5954] Bluetooth: hci2: command tx timeout [ 48.507668][ T5959] Bluetooth: hci3: command tx timeout [ 48.525556][ T5948] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.534777][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.536739][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.541042][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.547049][ T77] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.549387][ T77] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.560959][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.581946][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.587850][ T5947] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 48.595299][ T1169] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.597333][ T1169] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.609396][ T5956] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.617300][ T1139] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.619323][ T1139] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.630296][ T1139] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.632398][ T1139] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.648334][ T5948] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 48.656154][ T77] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.658102][ T77] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.700270][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.730445][ T5947] veth0_vlan: entered promiscuous mode [ 48.741731][ T5947] veth1_vlan: entered promiscuous mode [ 48.768839][ T5947] veth0_macvtap: entered promiscuous mode [ 48.777029][ T5948] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.783918][ T5947] veth1_macvtap: entered promiscuous mode [ 48.802341][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.807195][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 48.815660][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 48.822624][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 48.832283][ T5947] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.834654][ T5947] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.837049][ T5947] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.839424][ T5947] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 48.887066][ T5948] veth0_vlan: entered promiscuous mode [ 48.898964][ T5956] veth0_vlan: entered promiscuous mode [ 48.907597][ T1139] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.911088][ T1139] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.915064][ T5948] veth1_vlan: entered promiscuous mode [ 48.917145][ T5946] veth0_vlan: entered promiscuous mode [ 48.922071][ T5956] veth1_vlan: entered promiscuous mode [ 48.933509][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 48.935726][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 48.936851][ T5946] veth1_vlan: entered promiscuous mode [ 48.957020][ T5948] veth0_macvtap: entered promiscuous mode [ 48.960966][ T5956] veth0_macvtap: entered promiscuous mode [ 48.966229][ T5948] veth1_macvtap: entered promiscuous mode [ 48.975655][ T5956] veth1_macvtap: entered promiscuous mode [ 48.980627][ T5947] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 48.983059][ T5946] veth0_macvtap: entered promiscuous mode [ 48.989901][ T5948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 48.994352][ T5948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 48.998092][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.000578][ T5946] veth1_macvtap: entered promiscuous mode [ 49.009472][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.013838][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.016632][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.020698][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.024805][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.033547][ T5948] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.036508][ T5948] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.039948][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.043636][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.046512][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.049172][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.052315][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.055669][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.060788][ T5948] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.063244][ T5948] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.065515][ T5948] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.067771][ T5948] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.073664][ T5956] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.076913][ T5956] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.080051][ T5956] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.084273][ T5956] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.092457][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.096104][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.098858][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.102006][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.105007][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.108268][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.112854][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.123185][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.125953][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.128591][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.131748][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.134343][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.137185][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.140638][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.152387][ T5946] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.154815][ T5946] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.157224][ T5946] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.159621][ T5946] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.185091][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.187297][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.194909][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.197096][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.204527][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.206736][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.227137][ T77] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.229728][ T77] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.248324][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.250601][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.269609][ T13] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.275800][ T13] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.312793][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.321358][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.371362][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.591592][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 49.605954][ T6029] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 49.618390][ T6029] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 49.964767][ T6037] netlink: 40 bytes leftover after parsing attributes in process `syz.0.6'. [ 49.968189][ T6037] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 49.971283][ T6037] IPv6: NLM_F_CREATE should be set when creating new route [ 49.974210][ T6037] IPv6: NLM_F_CREATE should be set when creating new route [ 50.303977][ T6042] netlink: 44 bytes leftover after parsing attributes in process `syz.1.5'. [ 50.331445][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 50.591543][ T5959] Bluetooth: hci3: command tx timeout [ 50.593397][ T5959] Bluetooth: hci2: command tx timeout [ 50.594845][ T5959] Bluetooth: hci1: command tx timeout [ 50.596298][ T5959] Bluetooth: hci0: command tx timeout [ 50.867773][ T6046] Zero length message leads to an empty skb [ 50.967553][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 50.970823][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 51.271492][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 51.342798][ T6056] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 51.393732][ T6059] netlink: 32 bytes leftover after parsing attributes in process `syz.3.8'. [ 51.634313][ T6063] siw: device registration error -23 [ 51.639780][ T6063] netlink: 44 bytes leftover after parsing attributes in process `syz.2.11'. [ 52.191328][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.195024][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.207689][ T6073] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 52.671281][ T5303] Bluetooth: hci1: command tx timeout [ 52.673110][ T5303] Bluetooth: hci2: command tx timeout [ 52.674632][ T5303] Bluetooth: hci3: command tx timeout [ 52.676507][ T5959] Bluetooth: hci0: command tx timeout [ 53.349715][ T6101] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 53.378578][ T6106] netlink: 44 bytes leftover after parsing attributes in process `syz.0.18'. [ 53.832553][ T6122] Bluetooth: MGMT ver 1.23 [ 54.177043][ T6128] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 54.205649][ T6128] netlink: 44 bytes leftover after parsing attributes in process `syz.0.20'. [ 54.261676][ T5959] Bluetooth: hci4: command 0x1003 tx timeout [ 54.261821][ T5954] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 54.358879][ T6132] siw: device registration error -23 [ 54.362585][ T6132] netlink: 44 bytes leftover after parsing attributes in process `syz.2.21'. [ 54.685305][ T6135] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 54.741812][ T5954] Bluetooth: hci3: command tx timeout [ 54.741827][ T5959] Bluetooth: hci1: command tx timeout [ 54.743372][ T5954] Bluetooth: hci0: command tx timeout [ 54.744869][ T5959] Bluetooth: hci2: command tx timeout [ 54.751554][ T6138] netlink: 44 bytes leftover after parsing attributes in process `syz.1.22'. [ 54.913699][ T6142] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 55.401379][ T6147] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 55.481218][ T6147] netlink: 32 bytes leftover after parsing attributes in process `syz.3.25'. [ 55.761933][ T40] audit: type=1326 audit(1743996728.606:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.3.28" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 55.769414][ T40] audit: type=1326 audit(1743996728.606:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.3.28" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 55.776779][ T40] audit: type=1326 audit(1743996728.606:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.3.28" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 55.784341][ T40] audit: type=1326 audit(1743996728.606:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.3.28" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 55.791806][ T40] audit: type=1326 audit(1743996728.606:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.3.28" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 55.793846][ T6156] ======================================================= [ 55.793846][ T6156] WARNING: The mand mount option has been deprecated and [ 55.793846][ T6156] and is ignored by this kernel. Remove the mand [ 55.793846][ T6156] option from the mount to silence this warning. [ 55.793846][ T6156] ======================================================= [ 55.799121][ T40] audit: type=1326 audit(1743996728.606:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.3.28" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 55.816003][ T40] audit: type=1326 audit(1743996728.606:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.3.28" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 55.825192][ T40] audit: type=1326 audit(1743996728.606:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.3.28" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 55.832987][ T6157] netlink: 32 bytes leftover after parsing attributes in process `syz.2.26'. [ 55.838042][ T6153] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 55.841484][ T40] audit: type=1326 audit(1743996728.606:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.3.28" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 55.848376][ T40] audit: type=1326 audit(1743996728.616:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6155 comm="syz.3.28" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x7ffc0000 [ 55.868008][ T6156] RDS: rds_bind could not find a transport for fc02::, load rds_tcp or rds_rdma? [ 55.872912][ T5959] Bluetooth: hci3: ACL packet for unknown connection handle 456 [ 55.892278][ T6154] siw: device registration error -23 [ 55.894810][ T6154] netlink: 44 bytes leftover after parsing attributes in process `syz.1.27'. [ 55.926107][ T6162] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 55.928311][ T6162] IPv6: NLM_F_CREATE should be set when creating new route [ 55.930389][ T6162] IPv6: NLM_F_CREATE should be set when creating new route [ 55.989887][ T6164] netlink: 20 bytes leftover after parsing attributes in process `syz.0.29'. [ 56.372652][ T6169] netlink: 44 bytes leftover after parsing attributes in process `syz.3.32'. [ 56.614522][ T6182] netlink: 40 bytes leftover after parsing attributes in process `syz.3.35'. [ 56.617522][ T6182] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 56.820706][ T6188] IPVS: Error connecting to the multicast addr [ 56.967756][ T6193] netlink: 12 bytes leftover after parsing attributes in process `syz.2.39'. [ 56.992821][ T6193] netlink: 28 bytes leftover after parsing attributes in process `syz.2.39'. [ 57.215103][ T6196] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 57.251633][ T6200] netlink: 44 bytes leftover after parsing attributes in process `syz.1.36'. [ 57.666211][ T6203] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 57.723525][ T6203] netlink: 44 bytes leftover after parsing attributes in process `syz.2.41'. [ 58.039805][ T6209] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 58.711286][ T6224] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 59.663040][ T6239] batadv1: entered promiscuous mode [ 59.865796][ T5959] Bluetooth: hci3: Ignoring connect complete event for invalid link type [ 59.988389][ T6240] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 60.237909][ T6249] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 60.254383][ T6250] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 61.468736][ T6276] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 61.827272][ T6290] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 61.829315][ T6290] IPv6: NLM_F_CREATE should be set when creating new route [ 61.831298][ T6290] IPv6: NLM_F_CREATE should be set when creating new route [ 62.261212][ T5959] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 62.691334][ T6281] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 62.915841][ T6304] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 62.944196][ T6304] __nla_validate_parse: 3 callbacks suppressed [ 62.944205][ T6304] netlink: 44 bytes leftover after parsing attributes in process `syz.0.65'. [ 62.975942][ T6307] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 63.042994][ T58] IPVS: starting estimator thread 0... [ 63.131465][ T6317] IPVS: using max 49 ests per chain, 117600 per kthread [ 63.650921][ T6324] netlink: 'syz.2.72': attribute type 12 has an invalid length. [ 63.861272][ T6334] netlink: 'syz.2.75': attribute type 2 has an invalid length. [ 64.196541][ T6337] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 64.445976][ T6340] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 64.448092][ T6340] IPv6: NLM_F_CREATE should be set when creating new route [ 64.450124][ T6340] IPv6: NLM_F_CREATE should be set when creating new route [ 64.528227][ T6346] netlink: 'syz.0.79': attribute type 6 has an invalid length. [ 64.696833][ T6354] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 65.061299][ T5959] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 65.171835][ T58] IPVS: starting estimator thread 0... [ 65.281240][ T6365] IPVS: using max 49 ests per chain, 117600 per kthread [ 65.448044][ T6367] netlink: 8 bytes leftover after parsing attributes in process `syz.2.85'. [ 65.450567][ T6367] netlink: 3 bytes leftover after parsing attributes in process `syz.2.85'. [ 65.517135][ T40] kauditd_printk_skb: 5466 callbacks suppressed [ 65.517144][ T40] audit: type=1326 audit(1743996738.356:5478): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.1.86" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 65.525848][ T40] audit: type=1326 audit(1743996738.366:5479): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.1.86" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 65.535393][ T40] audit: type=1326 audit(1743996738.366:5480): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.1.86" exe="/syz-executor" sig=0 arch=40000003 syscall=114 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 65.541280][ T40] audit: type=1326 audit(1743996738.366:5481): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.1.86" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 65.547921][ T40] audit: type=1326 audit(1743996738.366:5482): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.1.86" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 65.553888][ T40] audit: type=1326 audit(1743996738.366:5483): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.1.86" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 65.559719][ T40] audit: type=1326 audit(1743996738.366:5484): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.1.86" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 65.565646][ T40] audit: type=1326 audit(1743996738.366:5485): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.1.86" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 65.571483][ T40] audit: type=1326 audit(1743996738.366:5486): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.1.86" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 65.577254][ T40] audit: type=1326 audit(1743996738.376:5487): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6370 comm="syz.1.86" exe="/syz-executor" sig=0 arch=40000003 syscall=370 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 66.074655][ T6378] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 66.107642][ T6389] can0: slcan on ttyprintk. [ 66.657886][ T6402] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 67.012326][ T6388] can0 (unregistered): slcan off ttyprintk. [ 67.670176][ T6434] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 67.924561][ T6448] trusted_key: syz.1.104 sent an empty control message without MSG_MORE. [ 68.101353][ T5959] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 68.166118][ T6471] netlink: 20 bytes leftover after parsing attributes in process `syz.1.109'. [ 68.293239][ T6476] input: syz0 as /devices/virtual/input/input5 [ 68.500005][ T6442] Bluetooth: hci0: Opcode 0x0c03 failed: -4 [ 68.550570][ T6479] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 68.868471][ T6490] netlink: 4 bytes leftover after parsing attributes in process `syz.2.117'. [ 68.872532][ T6490] netlink: 312 bytes leftover after parsing attributes in process `syz.2.117'. [ 68.875169][ T6490] netlink: 312 bytes leftover after parsing attributes in process `syz.2.117'. [ 68.929629][ T6491] overlayfs: missing 'lowerdir' [ 69.277245][ T6506] FAULT_INJECTION: forcing a failure. [ 69.277245][ T6506] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 69.280979][ T6506] CPU: 3 UID: 0 PID: 6506 Comm: syz.2.121 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) [ 69.280993][ T6506] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 69.280998][ T6506] Call Trace: [ 69.281002][ T6506] [ 69.281006][ T6506] dump_stack_lvl+0x16c/0x1f0 [ 69.281027][ T6506] should_fail_ex+0x512/0x640 [ 69.281047][ T6506] _copy_to_user+0x32/0xd0 [ 69.281066][ T6506] proc_pid_cmdline_read+0x51b/0x900 [ 69.281082][ T6506] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 69.281096][ T6506] ? rw_verify_area+0xcf/0x680 [ 69.281107][ T6506] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 69.281121][ T6506] vfs_read+0x1de/0xc70 [ 69.281148][ T6506] ? __pfx___mutex_lock+0x10/0x10 [ 69.281165][ T6506] ? __pfx_vfs_read+0x10/0x10 [ 69.281190][ T6506] ? __fget_files+0x20e/0x3c0 [ 69.281217][ T6506] ksys_read+0x12a/0x240 [ 69.281235][ T6506] ? __pfx_ksys_read+0x10/0x10 [ 69.281256][ T6506] ? rcu_is_watching+0x12/0xc0 [ 69.281278][ T6506] __do_fast_syscall_32+0x73/0x120 [ 69.281297][ T6506] do_fast_syscall_32+0x32/0x80 [ 69.281311][ T6506] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 69.281323][ T6506] RIP: 0023:0xf7f42579 [ 69.281331][ T6506] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 69.281340][ T6506] RSP: 002b:00000000f506655c EFLAGS: 00000296 ORIG_RAX: 0000000000000003 [ 69.281349][ T6506] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000080000000 [ 69.281355][ T6506] RDX: 00000000fffffc7a RSI: 0000000000000000 RDI: 0000000000000000 [ 69.281360][ T6506] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 69.281365][ T6506] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 69.281370][ T6506] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 69.281382][ T6506] [ 69.395089][ T6508] netlink: 204 bytes leftover after parsing attributes in process `syz.2.122'. [ 69.656129][ T6525] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 69.658220][ T6525] IPv6: NLM_F_CREATE should be set when creating new route [ 69.660255][ T6525] IPv6: NLM_F_CREATE should be set when creating new route [ 69.661701][ T1015] IPVS: starting estimator thread 0... [ 69.751332][ T6526] IPVS: using max 48 ests per chain, 115200 per kthread [ 70.589655][ T6539] FAULT_INJECTION: forcing a failure. [ 70.589655][ T6539] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 70.593711][ T6539] CPU: 3 UID: 0 PID: 6539 Comm: syz.0.128 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) [ 70.593727][ T6539] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 70.593734][ T6539] Call Trace: [ 70.593737][ T6539] [ 70.593740][ T6539] dump_stack_lvl+0x16c/0x1f0 [ 70.593758][ T6539] should_fail_ex+0x512/0x640 [ 70.593771][ T6539] copy_fpstate_to_sigframe+0x878/0xb10 [ 70.593783][ T6539] ? __pfx_copy_fpstate_to_sigframe+0x10/0x10 [ 70.593792][ T6539] ? posixtimer_deliver_signal+0xed/0x6a0 [ 70.593804][ T6539] ? posixtimer_deliver_signal+0x1af/0x6a0 [ 70.593816][ T6539] get_sigframe+0x4a8/0x9c0 [ 70.593831][ T6539] ? __pfx_get_sigframe+0x10/0x10 [ 70.593846][ T6539] ? _raw_spin_unlock_irq+0x23/0x50 [ 70.593858][ T6539] ? siginfo_layout+0x177/0x290 [ 70.593871][ T6539] ia32_setup_rt_frame+0xe3/0xb30 [ 70.593886][ T6539] ? __pfx_ia32_setup_rt_frame+0x10/0x10 [ 70.593896][ T6539] ? __pfx_vfs_read+0x10/0x10 [ 70.593910][ T6539] ? __fget_files+0x204/0x3c0 [ 70.593924][ T6539] arch_do_signal_or_restart+0x477/0x7d0 [ 70.593939][ T6539] ? __pfx_arch_do_signal_or_restart+0x10/0x10 [ 70.593957][ T6539] ? __pfx_ksys_pread64+0x10/0x10 [ 70.593969][ T6539] ? __pfx___do_compat_sys_rt_sigreturn+0x10/0x10 [ 70.593983][ T6539] syscall_exit_to_user_mode+0x150/0x2a0 [ 70.593997][ T6539] do_int80_emulation+0x111/0x200 [ 70.594011][ T6539] asm_int80_emulation+0x1a/0x20 [ 70.594021][ T6539] RIP: 0023:0xf741e577 [ 70.594028][ T6539] Code: 03 74 b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 80 5d 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 [ 70.594037][ T6539] RSP: 002b:00000000f50a655c EFLAGS: 00000296 ORIG_RAX: 00000000000000b4 [ 70.594046][ T6539] RAX: 00000000000000b4 RBX: 0000000000000003 RCX: 0000000000000000 [ 70.594051][ T6539] RDX: 0000000000000000 RSI: 0000000000000ce2 RDI: 0000000000000000 [ 70.594056][ T6539] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 70.594061][ T6539] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 70.594066][ T6539] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 70.594078][ T6539] [ 70.744155][ T1416] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.746006][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.623783][ T6558] netlink: 4 bytes leftover after parsing attributes in process `syz.3.136'. [ 71.626968][ T6559] netlink: 4 bytes leftover after parsing attributes in process `syz.3.136'. [ 71.629875][ T6560] netlink: 4 bytes leftover after parsing attributes in process `syz.3.136'. [ 71.632776][ T6562] netlink: 40 bytes leftover after parsing attributes in process `syz.2.134'. [ 71.635340][ T6562] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 71.637346][ T6562] IPv6: NLM_F_CREATE should be set when creating new route [ 71.639390][ T6562] IPv6: NLM_F_CREATE should be set when creating new route [ 71.791316][ T5303] Bluetooth: hci3: command 0x0405 tx timeout [ 72.122579][ T6578] netlink: 204 bytes leftover after parsing attributes in process `syz.0.142'. [ 72.162646][ T6581] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 72.165002][ T6581] IPv6: NLM_F_CREATE should be set when creating new route [ 72.167082][ T6581] IPv6: NLM_F_CREATE should be set when creating new route [ 72.194776][ T6583] random: crng reseeded on system resumption [ 72.431756][ T6579] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 73.187649][ T6593] netlink: 40 bytes leftover after parsing attributes in process `syz.1.147'. [ 73.190224][ T6593] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 73.192316][ T6593] IPv6: NLM_F_CREATE should be set when creating new route [ 73.194402][ T6593] IPv6: NLM_F_CREATE should be set when creating new route [ 73.286127][ T1015] IPVS: starting estimator thread 0... [ 73.391462][ T6596] IPVS: using max 49 ests per chain, 117600 per kthread [ 73.527519][ T6601] syz.1.149 uses obsolete (PF_INET,SOCK_PACKET) [ 74.599729][ T6626] netlink: 40 bytes leftover after parsing attributes in process `syz.1.157'. [ 74.603203][ T6626] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 74.865585][ T40] kauditd_printk_skb: 38 callbacks suppressed [ 74.865595][ T40] audit: type=1326 audit(1743996747.706:5526): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6632 comm="syz.3.160" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x0 [ 74.922489][ T6631] netlink: 4 bytes leftover after parsing attributes in process `syz.1.159'. [ 74.924991][ T40] audit: type=1326 audit(1743996747.766:5527): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6632 comm="syz.3.160" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x0 [ 74.978404][ T6635] warning: `syz.0.154' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 75.067453][ T6650] netlink: 20 bytes leftover after parsing attributes in process `syz.2.161'. [ 75.874135][ T6664] netlink: 40 bytes leftover after parsing attributes in process `syz.3.166'. [ 75.876681][ T6664] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 75.926252][ T6670] netlink: 20 bytes leftover after parsing attributes in process `syz.0.171'. [ 76.991866][ T6686] wireguard0: entered promiscuous mode [ 76.993493][ T6686] wireguard0: entered allmulticast mode [ 77.036569][ T6698] netlink: 40 bytes leftover after parsing attributes in process `syz.2.176'. [ 77.039099][ T6698] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 77.291009][ T6710] netlink: 20 bytes leftover after parsing attributes in process `syz.2.178'. [ 77.742802][ T6720] netlink: 20 bytes leftover after parsing attributes in process `syz.3.180'. [ 78.050728][ T6725] netlink: 12 bytes leftover after parsing attributes in process `syz.0.181'. [ 78.104366][ T6725] 8021q: adding VLAN 0 to HW filter on device bond1 [ 79.028276][ T40] audit: type=1326 audit(1743996751.866:5528): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6740 comm="syz.0.186" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf741e579 code=0x0 [ 79.131716][ T6743] netlink: 4 bytes leftover after parsing attributes in process `syz.0.186'. [ 79.469353][ T6757] netlink: 40 bytes leftover after parsing attributes in process `syz.3.189'. [ 79.473485][ T6757] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 79.476757][ T6756] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 79.673934][ T6773] netlink: 20 bytes leftover after parsing attributes in process `syz.2.193'. [ 79.707075][ T46] Bluetooth: hci4: Frame reassembly failed (-84) [ 80.141236][ T2290] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 80.294061][ T2290] usb 5-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 80.296541][ T2290] usb 5-1: config 1 has an invalid descriptor of length 55, skipping remainder of the config [ 80.299272][ T2290] usb 5-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 80.301828][ T2290] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 52, changing to 9 [ 80.304823][ T2290] usb 5-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 8241, setting to 1024 [ 80.309316][ T2290] usb 5-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 80.311862][ T2290] usb 5-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 80.314096][ T2290] usb 5-1: Product: syz [ 80.315249][ T2290] usb 5-1: Manufacturer: syz [ 80.321504][ T2290] cdc_wdm 5-1:1.0: skipping garbage [ 80.323004][ T2290] cdc_wdm 5-1:1.0: skipping garbage [ 80.327174][ T2290] cdc_wdm 5-1:1.0: cdc-wdm0: USB WDM device [ 80.328845][ T2290] cdc_wdm 5-1:1.0: Unknown control protocol [ 80.780039][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 80.781968][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 80.786210][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 80.788036][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 80.789907][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 80.791711][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 80.793557][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 80.795354][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 80.797187][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 80.798977][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 80.800951][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 80.802805][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 80.805770][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 80.807554][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 80.810471][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 80.812265][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 80.815217][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 80.817026][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 80.818854][ C1] cdc_wdm 5-1:1.0: nonzero urb status received: -71 [ 80.820686][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - 0 bytes [ 80.829327][ T1015] usb 5-1: USB disconnect, device number 2 [ 80.830984][ C1] cdc_wdm 5-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 80.984762][ T10] cfg80211: failed to load regulatory.db [ 81.307187][ T6793] syz.2.197 (6793): drop_caches: 2 [ 81.400739][ T6796] 9pnet_fd: Insufficient options for proto=fd [ 81.781260][ T5959] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 81.781275][ T5303] Bluetooth: hci4: command 0x1003 tx timeout [ 81.978453][ T6800] netlink: 40 bytes leftover after parsing attributes in process `syz.3.200'. [ 81.980879][ T6800] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 82.127052][ T6808] netlink: 20 bytes leftover after parsing attributes in process `syz.3.204'. [ 84.053607][ T6828] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 84.068423][ T6831] netlink: 40 bytes leftover after parsing attributes in process `syz.0.210'. [ 84.070980][ T6831] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 84.221985][ T6839] loop0: detected capacity change from 0 to 7 [ 84.226499][ T6839] Dev loop0: unable to read RDB block 7 [ 84.228408][ T6839] loop0: AHDI p4 [ 84.229766][ T6839] loop0: partition table partially beyond EOD, truncated [ 84.276948][ T6833] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 84.616945][ T6845] netlink: 12 bytes leftover after parsing attributes in process `syz.3.215'. [ 84.635903][ T6845] 8021q: adding VLAN 0 to HW filter on device bond1 [ 84.650854][ T6851] netlink: 20 bytes leftover after parsing attributes in process `syz.1.214'. [ 84.658908][ T6845] netlink: 28 bytes leftover after parsing attributes in process `syz.3.215'. [ 85.078258][ T6856] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 85.130940][ T6862] netlink: 14 bytes leftover after parsing attributes in process `syz.3.217'. [ 85.690518][ T6873] batman_adv: batadv0: Adding interface: dummy0 [ 85.692772][ T6873] batman_adv: batadv0: The MTU of interface dummy0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.699372][ T6873] batman_adv: batadv0: Interface activated: dummy0 [ 85.709021][ T6873] batadv0: mtu less than device minimum [ 85.711416][ T6873] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 85.715971][ T6873] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 85.719989][ T6873] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 85.724434][ T6873] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 85.729169][ T6873] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 85.733618][ T6873] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 85.737956][ T6873] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 85.742394][ T6873] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 85.746005][ T6873] batman_adv: batadv0: Forced to purge local tt entries to fit new maximum fragment MTU (-320) [ 85.951975][ T6886] netlink: 20 bytes leftover after parsing attributes in process `syz.1.222'. [ 86.135028][ T10] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 86.303524][ T10] usb 7-1: config 0 has no interfaces? [ 86.305531][ T10] usb 7-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 86.308640][ T10] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 86.319229][ T10] usb 7-1: config 0 descriptor?? [ 86.637885][ T6901] overlayfs: failed to clone upperpath [ 86.644360][ T6901] netlink: 188 bytes leftover after parsing attributes in process `syz.3.227'. [ 86.679786][ T6903] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 87.151357][ T5959] Bluetooth: hci0: Opcode 0x0c1a failed: -110 [ 87.799194][ T6937] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 87.885438][ T6943] netlink: 44 bytes leftover after parsing attributes in process `syz.0.241'. [ 87.971498][ T6952] netlink: 28 bytes leftover after parsing attributes in process `syz.0.244'. [ 87.978860][ T6952] process 'syz.0.244' launched './file1' with NULL argv: empty string added [ 87.982686][ T6952] netlink: 8 bytes leftover after parsing attributes in process `syz.0.244'. [ 87.985123][ T6952] netlink: 4 bytes leftover after parsing attributes in process `syz.0.244'. [ 87.987579][ T6952] netlink: 'syz.0.244': attribute type 13 has an invalid length. [ 87.989803][ T6952] netlink: 'syz.0.244': attribute type 12 has an invalid length. [ 88.010564][ T6952] syz.0.244 (6952) used greatest stack depth: 20664 bytes left [ 88.043376][ T6961] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 88.782589][ T6016] usb 7-1: USB disconnect, device number 2 [ 89.290770][ T6981] tipc: Invalid UDP bearer configuration [ 89.290814][ T6981] tipc: Enabling of bearer rejected, failed to enable media [ 90.860467][ T7024] fuse: Unknown parameter '' [ 90.908082][ T7029] __nla_validate_parse: 2 callbacks suppressed [ 90.908092][ T7029] netlink: 12 bytes leftover after parsing attributes in process `syz.0.266'. [ 90.942707][ T7034] IPv6: RTM_NEWROUTE with no NLM_F_CREATE or NLM_F_REPLACE [ 91.255947][ T7042] FAULT_INJECTION: forcing a failure. [ 91.255947][ T7042] name failslab, interval 1, probability 0, space 0, times 0 [ 91.259428][ T7042] CPU: 1 UID: 0 PID: 7042 Comm: syz.2.268 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) [ 91.259442][ T7042] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 91.259448][ T7042] Call Trace: [ 91.259451][ T7042] [ 91.259455][ T7042] dump_stack_lvl+0x16c/0x1f0 [ 91.259471][ T7042] should_fail_ex+0x512/0x640 [ 91.259483][ T7042] ? fs_reclaim_acquire+0xae/0x150 [ 91.259497][ T7042] ? kobject_get_path+0xd2/0x2a0 [ 91.259510][ T7042] should_failslab+0xc2/0x120 [ 91.259519][ T7042] __kmalloc_noprof+0xd2/0x510 [ 91.259535][ T7042] kobject_get_path+0xd2/0x2a0 [ 91.259551][ T7042] kobject_uevent_env+0x289/0x1870 [ 91.259561][ T7042] ? __pfx_dev_uevent_name+0x10/0x10 [ 91.259580][ T7042] ? bus_to_subsys+0x12d/0x160 [ 91.259593][ T7042] device_del+0x623/0x9f0 [ 91.259608][ T7042] ? __pfx_device_del+0x10/0x10 [ 91.259625][ T7042] device_unregister+0x1d/0xc0 [ 91.259639][ T7042] bdi_unregister+0x451/0x640 [ 91.259649][ T7042] ? __pfx_bdi_unregister+0x10/0x10 [ 91.259658][ T7042] ? generic_shutdown_super+0x1b7/0x390 [ 91.259671][ T7042] ? up_write+0x1b2/0x520 [ 91.259683][ T7042] generic_shutdown_super+0x26a/0x390 [ 91.259695][ T7042] kill_anon_super+0x3a/0x60 [ 91.259705][ T7042] afs_kill_super+0x9e/0x120 [ 91.259716][ T7042] deactivate_locked_super+0xbe/0x1a0 [ 91.259728][ T7042] deactivate_super+0xde/0x100 [ 91.259741][ T7042] cleanup_mnt+0x225/0x450 [ 91.259757][ T7042] task_work_run+0x14d/0x240 [ 91.259792][ T7042] ? __pfx_task_work_run+0x10/0x10 [ 91.259808][ T7042] ? __pfx___ia32_sys_umount+0x10/0x10 [ 91.259832][ T7042] syscall_exit_to_user_mode+0x27b/0x2a0 [ 91.259846][ T7042] __do_fast_syscall_32+0x80/0x120 [ 91.259861][ T7042] do_fast_syscall_32+0x32/0x80 [ 91.259874][ T7042] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 91.259886][ T7042] RIP: 0023:0xf7f42579 [ 91.259894][ T7042] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 91.259903][ T7042] RSP: 002b:00000000f4ff155c EFLAGS: 00000296 ORIG_RAX: 0000000000000034 [ 91.259912][ T7042] RAX: 0000000000000000 RBX: 0000000080000040 RCX: 000000000000000b [ 91.259917][ T7042] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 91.259923][ T7042] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 91.259928][ T7042] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 91.259933][ T7042] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 91.259944][ T7042] [ 92.157094][ T40] audit: type=1400 audit(1743996764.996:5529): apparmor="DENIED" operation="change_profile" class="file" info="label not found" error=-22 profile="unconfined" name="&" pid=7060 comm="syz.1.276" [ 92.649770][ T7073] Bluetooth: hci0: Opcode 0x0c03 failed: -112 [ 93.179266][ T7092] netlink: 32 bytes leftover after parsing attributes in process `syz.0.282'. [ 93.180317][ T7093] FAULT_INJECTION: forcing a failure. [ 93.180317][ T7093] name fail_usercopy, interval 1, probability 0, space 0, times 0 [ 93.180844][ T7093] [ 93.180850][ T7093] ====================================================== [ 93.180853][ T7093] WARNING: possible circular locking dependency detected [ 93.180857][ T7093] 6.14.0-syzkaller-13546-g16cd1c265776 #0 Not tainted [ 93.180863][ T7093] ------------------------------------------------------ [ 93.180866][ T7093] syz.2.283/7093 is trying to acquire lock: [ 93.180871][ T7093] ffffffff8e2ce9c0 (console_owner){-.-.}-{0:0}, at: vprintk_emit+0x4d4/0x6d0 [ 93.180912][ T7093] [ 93.180912][ T7093] but task is already holding lock: [ 93.180914][ T7093] ffff88802b239f18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 93.180935][ T7093] [ 93.180935][ T7093] which lock already depends on the new lock. [ 93.180935][ T7093] [ 93.180938][ T7093] [ 93.180938][ T7093] the existing dependency chain (in reverse order) is: [ 93.180940][ T7093] [ 93.180940][ T7093] -> #4 (&rq->__lock){-.-.}-{2:2}: [ 93.180951][ T7093] _raw_spin_lock_nested+0x31/0x40 [ 93.180969][ T7093] raw_spin_rq_lock_nested+0x29/0x130 [ 93.180980][ T7093] task_rq_lock+0xcf/0x490 [ 93.180990][ T7093] cgroup_move_task+0x81/0x2a0 [ 93.181002][ T7093] css_set_move_task+0x288/0x5f0 [ 93.181016][ T7093] cgroup_post_fork+0x201/0x9d0 [ 93.181025][ T7093] copy_process+0x5006/0x91a0 [ 93.181037][ T7093] kernel_clone+0xfc/0x960 [ 93.181049][ T7093] user_mode_thread+0xc7/0x110 [ 93.181061][ T7093] rest_init+0x23/0x2b0 [ 93.181069][ T7093] start_kernel+0x3e9/0x4d0 [ 93.181085][ T7093] x86_64_start_reservations+0x18/0x30 [ 93.181096][ T7093] x86_64_start_kernel+0xb0/0xc0 [ 93.181107][ T7093] common_startup_64+0x13e/0x148 [ 93.181118][ T7093] [ 93.181118][ T7093] -> #3 (&p->pi_lock){-.-.}-{2:2}: [ 93.181128][ T7093] _raw_spin_lock_irqsave+0x3a/0x60 [ 93.181138][ T7093] try_to_wake_up+0xb2/0x1680 [ 93.181149][ T7093] __wake_up_common+0x132/0x1f0 [ 93.181156][ T7093] __wake_up+0x31/0x60 [ 93.181168][ T7093] tty_port_default_wakeup+0x2a/0x40 [ 93.181184][ T7093] serial8250_tx_chars+0x68e/0x860 [ 93.181194][ T7093] serial8250_handle_irq+0x761/0xcb0 [ 93.181203][ T7093] serial8250_default_handle_irq+0x9a/0x210 [ 93.181212][ T7093] serial8250_interrupt+0x103/0x210 [ 93.181222][ T7093] __handle_irq_event_percpu+0x229/0x7d0 [ 93.181233][ T7093] handle_irq_event+0xab/0x1e0 [ 93.181243][ T7093] handle_edge_irq+0x263/0xd10 [ 93.181252][ T7093] __common_interrupt+0xdf/0x250 [ 93.181260][ T7093] common_interrupt+0xba/0xe0 [ 93.181269][ T7093] asm_common_interrupt+0x26/0x40 [ 93.181278][ T7093] pv_native_safe_halt+0xf/0x20 [ 93.181288][ T7093] default_idle+0x13/0x20 [ 93.181301][ T7093] default_idle_call+0x6d/0xb0 [ 93.181308][ T7093] do_idle+0x391/0x510 [ 93.181318][ T7093] cpu_startup_entry+0x4f/0x60 [ 93.181329][ T7093] start_secondary+0x21d/0x2b0 [ 93.181337][ T7093] common_startup_64+0x13e/0x148 [ 93.181348][ T7093] [ 93.181348][ T7093] -> #2 (&tty->write_wait){-.-.}-{3:3}: [ 93.181358][ T7093] _raw_spin_lock_irqsave+0x3a/0x60 [ 93.181368][ T7093] __wake_up+0x1c/0x60 [ 93.181380][ T7093] tty_port_default_wakeup+0x2a/0x40 [ 93.181388][ T7093] serial8250_tx_chars+0x68e/0x860 [ 93.181396][ T7093] __start_tx+0x3e9/0x4a0 [ 93.181403][ T7093] serial8250_start_tx+0x368/0x530 [ 93.181412][ T7093] __uart_start+0x292/0x4c0 [ 93.181423][ T7093] uart_write+0x218/0xb30 [ 93.181430][ T7093] n_tty_write+0x40f/0x1160 [ 93.181439][ T7093] file_tty_write.constprop.0+0x4ff/0x9b0 [ 93.181452][ T7093] redirected_tty_write+0xd4/0x150 [ 93.181465][ T7093] vfs_write+0x5ba/0x1180 [ 93.181477][ T7093] ksys_write+0x12a/0x240 [ 93.181488][ T7093] do_syscall_64+0xcd/0x260 [ 93.181500][ T7093] entry_SYSCALL_64_after_hwframe+0x77/0x7f [ 93.181512][ T7093] [ 93.181512][ T7093] -> #1 (&port_lock_key){-.-.}-{3:3}: [ 93.181530][ T7093] _raw_spin_lock_irqsave+0x3a/0x60 [ 93.181540][ T7093] serial8250_console_write+0x181/0x1890 [ 93.181550][ T7093] console_flush_all+0x801/0xc60 [ 93.181560][ T7093] console_unlock+0xd8/0x210 [ 93.181569][ T7093] vprintk_emit+0x418/0x6d0 [ 93.181579][ T7093] _printk+0xc7/0x100 [ 93.181586][ T7093] register_console+0xc2d/0x11b0 [ 93.181596][ T7093] univ8250_console_init+0x5f/0x90 [ 93.181609][ T7093] console_init+0x14f/0x680 [ 93.181624][ T7093] start_kernel+0x29f/0x4d0 [ 93.181638][ T7093] x86_64_start_reservations+0x18/0x30 [ 93.181653][ T7093] x86_64_start_kernel+0xb0/0xc0 [ 93.181665][ T7093] common_startup_64+0x13e/0x148 [ 93.181675][ T7093] [ 93.181675][ T7093] -> #0 (console_owner){-.-.}-{0:0}: [ 93.181686][ T7093] __lock_acquire+0x1173/0x1ba0 [ 93.181693][ T7093] lock_acquire+0x179/0x350 [ 93.181700][ T7093] vprintk_emit+0x4e5/0x6d0 [ 93.181710][ T7093] _printk+0xc7/0x100 [ 93.181716][ T7093] should_fail_ex+0x4e7/0x640 [ 93.181726][ T7093] copy_to_user_nofault+0xac/0x190 [ 93.181735][ T7093] bpf_probe_write_user+0xaf/0xf0 [ 93.181748][ T7093] bpf_prog_6303d92f98284ad8+0x44/0x48 [ 93.181755][ T7093] bpf_trace_run4+0x249/0x5a0 [ 93.181762][ T7093] __bpf_trace_sched_switch+0x145/0x190 [ 93.181773][ T7093] __traceiter_sched_switch+0x6c/0xc0 [ 93.181783][ T7093] __schedule+0x1bf3/0x5de0 [ 93.181793][ T7093] preempt_schedule_irq+0x51/0x90 [ 93.181803][ T7093] irqentry_exit+0x36/0x90 [ 93.181814][ T7093] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 93.181823][ T7093] lock_acquire+0x62/0x350 [ 93.181830][ T7093] is_module_text_address+0x33/0x230 [ 93.181838][ T7093] kernel_text_address+0x81/0x100 [ 93.181848][ T7093] __kernel_text_address+0xd/0x40 [ 93.181857][ T7093] unwind_get_return_address+0x59/0xa0 [ 93.181869][ T7093] arch_stack_walk+0xa6/0x100 [ 93.181880][ T7093] stack_trace_save+0x8e/0xc0 [ 93.181891][ T7093] kasan_save_stack+0x33/0x60 [ 93.181904][ T7093] kasan_save_track+0x14/0x30 [ 93.181915][ T7093] __kasan_kmalloc+0xaa/0xb0 [ 93.181927][ T7093] __kmalloc_node_track_caller_noprof+0x221/0x510 [ 93.181941][ T7093] memdup_user+0x2a/0xe0 [ 93.181949][ T7093] strndup_user+0x78/0xe0 [ 93.181956][ T7093] __ia32_sys_mount+0x137/0x310 [ 93.181964][ T7093] __do_fast_syscall_32+0x73/0x120 [ 93.181976][ T7093] do_fast_syscall_32+0x32/0x80 [ 93.181988][ T7093] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 93.181999][ T7093] [ 93.181999][ T7093] other info that might help us debug this: [ 93.181999][ T7093] [ 93.182001][ T7093] Chain exists of: [ 93.182001][ T7093] console_owner --> &p->pi_lock --> &rq->__lock [ 93.182001][ T7093] [ 93.182013][ T7093] Possible unsafe locking scenario: [ 93.182013][ T7093] [ 93.182015][ T7093] CPU0 CPU1 [ 93.182018][ T7093] ---- ---- [ 93.182020][ T7093] lock(&rq->__lock); [ 93.182025][ T7093] lock(&p->pi_lock); [ 93.182030][ T7093] lock(&rq->__lock); [ 93.182036][ T7093] lock(console_owner); [ 93.182041][ T7093] [ 93.182041][ T7093] *** DEADLOCK *** [ 93.182041][ T7093] [ 93.182043][ T7093] 3 locks held by syz.2.283/7093: [ 93.182048][ T7093] #0: ffffffff8e3c1580 (rcu_read_lock){....}-{1:3}, at: is_module_text_address+0x1f/0x230 [ 93.182067][ T7093] #1: ffff88802b239f18 (&rq->__lock){-.-.}-{2:2}, at: raw_spin_rq_lock_nested+0x7e/0x130 [ 93.182089][ T7093] #2: ffffffff8e3c1580 (rcu_read_lock){....}-{1:3}, at: bpf_trace_run4+0x1cf/0x5a0 [ 93.182107][ T7093] [ 93.182107][ T7093] stack backtrace: [ 93.182112][ T7093] CPU: 1 UID: 0 PID: 7093 Comm: syz.2.283 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) [ 93.182123][ T7093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 93.182129][ T7093] Call Trace: [ 93.182132][ T7093] [ 93.182136][ T7093] dump_stack_lvl+0x116/0x1f0 [ 93.182149][ T7093] print_circular_bug+0x275/0x350 [ 93.182164][ T7093] check_noncircular+0x14c/0x170 [ 93.182179][ T7093] __lock_acquire+0x1173/0x1ba0 [ 93.182189][ T7093] lock_acquire+0x179/0x350 [ 93.182197][ T7093] ? vprintk_emit+0x4d4/0x6d0 [ 93.182208][ T7093] ? vprintk_emit+0x4c2/0x6d0 [ 93.182220][ T7093] vprintk_emit+0x4e5/0x6d0 [ 93.182230][ T7093] ? vprintk_emit+0x4d4/0x6d0 [ 93.182241][ T7093] ? __pfx_vprintk_emit+0x10/0x10 [ 93.182252][ T7093] ? cmp_ex_search+0x8b/0xb0 [ 93.182264][ T7093] ? bsearch+0x9e/0xc0 [ 93.182276][ T7093] _printk+0xc7/0x100 [ 93.182284][ T7093] ? __pfx__printk+0x10/0x10 [ 93.182292][ T7093] ? ___ratelimit+0x24c/0x570 [ 93.182303][ T7093] ? __pfx____ratelimit+0x10/0x10 [ 93.182316][ T7093] should_fail_ex+0x4e7/0x640 [ 93.182326][ T7093] copy_to_user_nofault+0xac/0x190 [ 93.182336][ T7093] bpf_probe_write_user+0xaf/0xf0 [ 93.182349][ T7093] bpf_prog_6303d92f98284ad8+0x44/0x48 [ 93.182356][ T7093] bpf_trace_run4+0x249/0x5a0 [ 93.182364][ T7093] ? __pfx_bpf_trace_run4+0x10/0x10 [ 93.182373][ T7093] ? __lock_acquire+0xaa4/0x1ba0 [ 93.182382][ T7093] __bpf_trace_sched_switch+0x145/0x190 [ 93.182394][ T7093] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 93.182405][ T7093] ? dl_scaled_delta_exec+0xdb/0x2e0 [ 93.182416][ T7093] ? plist_check_prev_next+0x12a/0x1a0 [ 93.182426][ T7093] ? tracing_record_taskinfo_sched_switch+0x54/0x400 [ 93.182437][ T7093] __traceiter_sched_switch+0x6c/0xc0 [ 93.182447][ T7093] ? set_next_task_rt+0x2eb/0x6a0 [ 93.182461][ T7093] __schedule+0x1bf3/0x5de0 [ 93.182471][ T7093] ? __lock_acquire+0xaa4/0x1ba0 [ 93.182482][ T7093] ? __pfx___schedule+0x10/0x10 [ 93.182492][ T7093] ? search_extable+0x82/0xb0 [ 93.182504][ T7093] ? __pfx_search_extable+0x10/0x10 [ 93.182522][ T7093] ? __lock_acquire+0x5ca/0x1ba0 [ 93.182530][ T7093] preempt_schedule_irq+0x51/0x90 [ 93.182542][ T7093] irqentry_exit+0x36/0x90 [ 93.182554][ T7093] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 93.182563][ T7093] RIP: 0010:lock_acquire+0x62/0x350 [ 93.182572][ T7093] Code: 51 0e 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 22 54 ee 0e 0f 82 74 02 00 00 8b 35 7a 83 ee 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 f9 50 0e 12 0f 85 c7 02 00 00 48 83 c4 [ 93.182580][ T7093] RSP: 0018:ffffc90007907960 EFLAGS: 00000206 [ 93.182587][ T7093] RAX: 0000000000000046 RBX: ffffffff8e3c1580 RCX: 00000000ef9d33e4 [ 93.182593][ T7093] RDX: 0000000000000000 RSI: ffffffff8dbc557f RDI: ffffffff8bf45180 [ 93.182598][ T7093] RBP: 0000000000000002 R08: 0ac0d5affe09d4ff R09: 0000000000000000 [ 93.182603][ T7093] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 93.182608][ T7093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 93.182617][ T7093] ? unwind_next_frame+0x3f4/0x20a0 [ 93.182629][ T7093] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 93.182641][ T7093] is_module_text_address+0x33/0x230 [ 93.182650][ T7093] ? is_module_text_address+0x1f/0x230 [ 93.182658][ T7093] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 93.182670][ T7093] kernel_text_address+0x81/0x100 [ 93.182681][ T7093] __kernel_text_address+0xd/0x40 [ 93.182691][ T7093] unwind_get_return_address+0x59/0xa0 [ 93.182703][ T7093] arch_stack_walk+0xa6/0x100 [ 93.182716][ T7093] stack_trace_save+0x8e/0xc0 [ 93.182728][ T7093] ? __pfx_stack_trace_save+0x10/0x10 [ 93.182741][ T7093] kasan_save_stack+0x33/0x60 [ 93.182754][ T7093] ? kasan_save_stack+0x33/0x60 [ 93.182766][ T7093] ? kasan_save_track+0x14/0x30 [ 93.182778][ T7093] ? __kasan_kmalloc+0xaa/0xb0 [ 93.182790][ T7093] ? __kmalloc_node_track_caller_noprof+0x221/0x510 [ 93.182804][ T7093] ? memdup_user+0x2a/0xe0 [ 93.182812][ T7093] ? strndup_user+0x78/0xe0 [ 93.182819][ T7093] ? __ia32_sys_mount+0x137/0x310 [ 93.182827][ T7093] ? __do_fast_syscall_32+0x73/0x120 [ 93.182840][ T7093] ? do_fast_syscall_32+0x32/0x80 [ 93.182852][ T7093] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 93.182864][ T7092] tipc: Invalid UDP bearer configuration [ 93.182870][ T7093] kasan_save_track+0x14/0x30 [ 93.182883][ T7093] __kasan_kmalloc+0xaa/0xb0 [ 93.182890][ T7092] tipc: Enabling of bearer rejected, failed to enable media [ 93.182896][ T7093] __kmalloc_node_track_caller_noprof+0x221/0x510 [ 93.182911][ T7093] ? strndup_user+0x78/0xe0 [ 93.182920][ T7093] memdup_user+0x2a/0xe0 [ 93.182928][ T7093] strndup_user+0x78/0xe0 [ 93.182937][ T7093] __ia32_sys_mount+0x137/0x310 [ 93.182945][ T7093] ? __pfx___ia32_sys_mount+0x10/0x10 [ 93.182955][ T7093] ? rcu_is_watching+0x12/0xc0 [ 93.182967][ T7093] __do_fast_syscall_32+0x73/0x120 [ 93.182980][ T7093] do_fast_syscall_32+0x32/0x80 [ 93.182993][ T7093] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 93.183004][ T7093] RIP: 0023:0xf7f42579 [ 93.183010][ T7093] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 93.183018][ T7093] RSP: 002b:00000000f502455c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 93.183026][ T7093] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 00000000800000c0 [ 93.183031][ T7093] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 93.183037][ T7093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 93.183041][ T7093] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 93.183046][ T7093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 93.183054][ T7093] [ 93.569306][ T7093] CPU: 1 UID: 0 PID: 7093 Comm: syz.2.283 Not tainted 6.14.0-syzkaller-13546-g16cd1c265776 #0 PREEMPT(full) [ 93.569326][ T7093] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 93.569335][ T7093] Call Trace: [ 93.569342][ T7093] [ 93.569347][ T7093] dump_stack_lvl+0x116/0x1f0 [ 93.569372][ T7093] should_fail_ex+0x512/0x640 [ 93.569390][ T7093] copy_to_user_nofault+0xac/0x190 [ 93.569407][ T7093] bpf_probe_write_user+0xaf/0xf0 [ 93.569428][ T7093] bpf_prog_6303d92f98284ad8+0x44/0x48 [ 93.569441][ T7093] bpf_trace_run4+0x249/0x5a0 [ 93.569454][ T7093] ? __pfx_bpf_trace_run4+0x10/0x10 [ 93.569469][ T7093] ? __lock_acquire+0xaa4/0x1ba0 [ 93.569484][ T7093] __bpf_trace_sched_switch+0x145/0x190 [ 93.569503][ T7093] ? __pfx___bpf_trace_sched_switch+0x10/0x10 [ 93.569526][ T7093] ? dl_scaled_delta_exec+0xdb/0x2e0 [ 93.569541][ T7093] ? plist_check_prev_next+0x12a/0x1a0 [ 93.569558][ T7093] ? tracing_record_taskinfo_sched_switch+0x54/0x400 [ 93.569575][ T7093] __traceiter_sched_switch+0x6c/0xc0 [ 93.569591][ T7093] ? set_next_task_rt+0x2eb/0x6a0 [ 93.569613][ T7093] __schedule+0x1bf3/0x5de0 [ 93.569629][ T7093] ? __lock_acquire+0xaa4/0x1ba0 [ 93.569646][ T7093] ? __pfx___schedule+0x10/0x10 [ 93.569662][ T7093] ? search_extable+0x82/0xb0 [ 93.569680][ T7093] ? __pfx_search_extable+0x10/0x10 [ 93.569701][ T7093] ? __lock_acquire+0x5ca/0x1ba0 [ 93.569715][ T7093] preempt_schedule_irq+0x51/0x90 [ 93.569732][ T7093] irqentry_exit+0x36/0x90 [ 93.569751][ T7093] asm_sysvec_reschedule_ipi+0x1a/0x20 [ 93.569767][ T7093] RIP: 0010:lock_acquire+0x62/0x350 [ 93.569781][ T7093] Code: 51 0e 12 83 f8 07 0f 87 bc 02 00 00 89 c0 48 0f a3 05 22 54 ee 0e 0f 82 74 02 00 00 8b 35 7a 83 ee 0e 85 f6 0f 85 8d 00 00 00 <48> 8b 44 24 30 65 48 2b 05 f9 50 0e 12 0f 85 c7 02 00 00 48 83 c4 [ 93.569794][ T7093] RSP: 0018:ffffc90007907960 EFLAGS: 00000206 [ 93.569807][ T7093] RAX: 0000000000000046 RBX: ffffffff8e3c1580 RCX: 00000000ef9d33e4 [ 93.569816][ T7093] RDX: 0000000000000000 RSI: ffffffff8dbc557f RDI: ffffffff8bf45180 [ 93.569825][ T7093] RBP: 0000000000000002 R08: 0ac0d5affe09d4ff R09: 0000000000000000 [ 93.569833][ T7093] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000000 [ 93.569841][ T7093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 93.569855][ T7093] ? unwind_next_frame+0x3f4/0x20a0 [ 93.569873][ T7093] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 93.569892][ T7093] is_module_text_address+0x33/0x230 [ 93.569908][ T7093] ? is_module_text_address+0x1f/0x230 [ 93.569922][ T7093] ? __pfx_stack_trace_consume_entry+0x10/0x10 [ 93.569940][ T7093] kernel_text_address+0x81/0x100 [ 93.569957][ T7093] __kernel_text_address+0xd/0x40 [ 93.569972][ T7093] unwind_get_return_address+0x59/0xa0 [ 93.569984][ T7093] arch_stack_walk+0xa6/0x100 [ 93.569999][ T7093] stack_trace_save+0x8e/0xc0 [ 93.570011][ T7093] ? __pfx_stack_trace_save+0x10/0x10 [ 93.570024][ T7093] kasan_save_stack+0x33/0x60 [ 93.570038][ T7093] ? kasan_save_stack+0x33/0x60 [ 93.570050][ T7093] ? kasan_save_track+0x14/0x30 [ 93.570062][ T7093] ? __kasan_kmalloc+0xaa/0xb0 [ 93.570074][ T7093] ? __kmalloc_node_track_caller_noprof+0x221/0x510 [ 93.570089][ T7093] ? memdup_user+0x2a/0xe0 [ 93.570097][ T7093] ? strndup_user+0x78/0xe0 [ 93.570105][ T7093] ? __ia32_sys_mount+0x137/0x310 [ 93.570114][ T7093] ? __do_fast_syscall_32+0x73/0x120 [ 93.570126][ T7093] ? do_fast_syscall_32+0x32/0x80 [ 93.570139][ T7093] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 93.570157][ T7093] kasan_save_track+0x14/0x30 [ 93.570169][ T7093] __kasan_kmalloc+0xaa/0xb0 [ 93.570182][ T7093] __kmalloc_node_track_caller_noprof+0x221/0x510 [ 93.570197][ T7093] ? strndup_user+0x78/0xe0 [ 93.570210][ T7093] memdup_user+0x2a/0xe0 [ 93.570223][ T7093] strndup_user+0x78/0xe0 [ 93.570236][ T7093] __ia32_sys_mount+0x137/0x310 [ 93.570246][ T7093] ? __pfx___ia32_sys_mount+0x10/0x10 [ 93.570260][ T7093] ? rcu_is_watching+0x12/0xc0 [ 93.570279][ T7093] __do_fast_syscall_32+0x73/0x120 [ 93.570299][ T7093] do_fast_syscall_32+0x32/0x80 [ 93.570319][ T7093] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 93.570335][ T7093] RIP: 0023:0xf7f42579 [ 93.570346][ T7093] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 93.570358][ T7093] RSP: 002b:00000000f502455c EFLAGS: 00000296 ORIG_RAX: 0000000000000015 [ 93.570371][ T7093] RAX: ffffffffffffffda RBX: 0000000080000040 RCX: 00000000800000c0 [ 93.570380][ T7093] RDX: 0000000080000100 RSI: 0000000000000000 RDI: 0000000000000000 [ 93.570388][ T7093] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 93.570396][ T7093] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 93.570404][ T7093] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 93.570417][ T7093] [ 93.748877][ T7093] syz.2.283: attempt to access beyond end of device [ 93.748877][ T7093] nbd2: rw=4096, sector=0, nr_sectors = 1 limit=0 [ 93.752548][ T7093] XFS (nbd2): SB validate failed with error -5. [ 94.661244][ T5959] Bluetooth: hci0: Opcode 0x0c1a failed: -110 VM DIAGNOSIS: 03:32:46 Registers: info registers vcpu 0 CPU#0 RAX=0000000080010002 RBX=0000000000000003 RCX=ffffffff816934b6 RDX=ffff8880220aa440 RSI=ffffffff8169650c RDI=0000000000000000 RBP=ffff88802b239f00 RSP=ffffc90000007b18 R8 =0000000000000000 R9 =0000000000000003 R10=0000000000000003 R11=ffffc90000007ff8 R12=0000000000000003 R13=0000000000000003 R14=ffff88802b23ae40 R15=ffffed10056473e0 RIP=ffffffff8169650d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977b9000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000ffffffff CR3=00000000121a0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f95aa2249a129c86 27fdb4d5fdfbe630 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 88f3f5f245f2ad0e cb2847fc981b6f7f ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 df526b6f2a2b3cf4 52aedb3a3e3a9f7e ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 04513e1a1a7cf6fe 8c7ccd47fec3c646 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ffffffff 00000000000000b4 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000034 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a1c23fa4d30f5963 fc4a749d3395b88a ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2386143eee8844ec 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 e6548a422dd890ac fad036d48daa303a ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4de21c1000000000 f4d51d528b288abd ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ebbaa683911cbedd 8a69ff30d96172c8 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a9ae20dedd513cd8 fa34431410cfdb2a ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 a54ff53a3c6ef372 bb67ae856a09e667 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5be0cd191f83d9ab 9b05688c510e527f ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000063 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854bd305 RDI=ffffffff9ae12bc0 RBP=ffffffff9ae12b80 RSP=ffffc90007906f68 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=732d302e34312e36 R12=0000000000000000 R13=0000000000000063 R14=ffffffff9ae12b80 R15=ffffffff854bd2a0 RIP=ffffffff854bd32f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880978b9000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000ffffffff CR3=00000000121a0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000a000000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00007fccfe14b525 RBX=00000000ffffffff RCX=0000000000000000 RDX=0000000000001ff7 RSI=00007ffd79de2158 RDI=000056302da58df9 RBP=000056302da58dfa RSP=00007ffd79de20f0 R8 =0000000000000001 R9 =0000000000000001 R10=0000000000000001 R11=0000000000000003 R12=0000000000000007 R13=00007ffd79de2278 R14=00007fccfe182c40 R15=000056302da58df9 RIP=00007fccfe08a233 RFL=00000202 [-------] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0033 0000000000000000 ffffffff 00a0fb00 DPL=3 CS64 [-RA] SS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fccfdf56500 ffffffff 00c00000 GS =0000 0000000000000000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000ffffffff CR3=00000000294fa000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000088888888 Opmask01=0000000000000000 Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=00000000fdffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd79de2200 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 732500656c6f736e 6f632f7665642f00 5d64255b00205425 206525206825003e ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 56000040494a564b 4a460a5340410a00 5d41005b00055400 054000054d00001b ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2022262230000022 3620222e312e6966 6e223d6d6d223d20 303630373d642032 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2022262230000022 2020222e20226320 63223d206c223720 3022303722372020 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 286f66636c283779 796b66692a286f66 636c65787a556f6d 646b626928376465 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a282c28376f676b 642a286e6f64636c 646569647f28376f 66636c65787a2a38 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=0000000000000000 RBX=0000000000000001 RCX=ffffffff816934b6 RDX=ffff888021cf2440 RSI=ffffffff8169650c RDI=0000000000000000 RBP=ffff88802b53ae54 RSP=ffffc900227974c8 R8 =0000000000000000 R9 =0000000000000001 R10=0000000000000001 R11=ffffffff93a80f00 R12=0000000000000001 R13=0000000000000001 R14=ffff88802b53ae40 R15=ffff88802b53ae48 RIP=ffffffff8169650d RFL=00000093 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097ab9000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000ffffffff CR3=000000002a0dc000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000