[  267.826317][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  267.899767][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
[  267.955230][ T1858] netlink: 4 bytes leftover after parsing attributes in process `dhcpcd'.
Warning: Permanently added '[localhost]:34286' (ECDSA) to the list of known hosts.
1970/01/01 00:05:06 fuzzer started
1970/01/01 00:05:18 dialing manager at localhost:37551
[  324.879661][ T2026] cgroup: Unknown subsys name 'net'
[  326.377441][ T2026] cgroup: Unknown subsys name 'rlimit'
1970/01/01 00:05:26 syscalls: 2853
1970/01/01 00:05:26 code coverage: enabled
1970/01/01 00:05:26 comparison tracing: enabled
1970/01/01 00:05:26 extra coverage: enabled
1970/01/01 00:05:26 delay kcov mmap: mmap returned an invalid pointer
1970/01/01 00:05:26 setuid sandbox: enabled
1970/01/01 00:05:26 namespace sandbox: enabled
1970/01/01 00:05:26 Android sandbox: /sys/fs/selinux/policy does not exist
1970/01/01 00:05:26 fault injection: enabled
1970/01/01 00:05:26 leak checking: CONFIG_DEBUG_KMEMLEAK is not enabled
1970/01/01 00:05:26 net packet injection: enabled
1970/01/01 00:05:26 net device setup: enabled
1970/01/01 00:05:26 concurrency sanitizer: /sys/kernel/debug/kcsan does not exist
1970/01/01 00:05:26 devlink PCI setup: PCI device 0000:00:10.0 is not available
1970/01/01 00:05:26 USB emulation: enabled
1970/01/01 00:05:26 hci packet injection: /dev/vhci does not exist
1970/01/01 00:05:26 wifi device emulation: /sys/class/mac80211_hwsim/ does not exist
1970/01/01 00:05:26 802.15.4 emulation: /sys/bus/platform/devices/mac802154_hwsim does not exist
1970/01/01 00:05:26 fetching corpus: 0, signal 0/2000 (executing program)
1970/01/01 00:05:32 fetching corpus: 50, signal 33134/36544 (executing program)
1970/01/01 00:05:35 fetching corpus: 100, signal 42101/46980 (executing program)
1970/01/01 00:05:39 fetching corpus: 150, signal 49224/55485 (executing program)
1970/01/01 00:05:43 fetching corpus: 200, signal 57548/65058 (executing program)
1970/01/01 00:05:46 fetching corpus: 250, signal 64406/73071 (executing program)
1970/01/01 00:05:48 fetching corpus: 300, signal 69692/79476 (executing program)
1970/01/01 00:05:49 fetching corpus: 348, signal 72856/83758 (executing program)
1970/01/01 00:05:52 fetching corpus: 397, signal 77320/89255 (executing program)
1970/01/01 00:05:54 fetching corpus: 447, signal 81523/94349 (executing program)
1970/01/01 00:05:59 fetching corpus: 497, signal 85946/99603 (executing program)
1970/01/01 00:06:01 fetching corpus: 546, signal 88008/102679 (executing program)
1970/01/01 00:06:04 fetching corpus: 596, signal 90637/106260 (executing program)
1970/01/01 00:06:07 fetching corpus: 645, signal 93841/110244 (executing program)
1970/01/01 00:06:11 fetching corpus: 694, signal 97997/115020 (executing program)
1970/01/01 00:06:13 fetching corpus: 744, signal 100596/118349 (executing program)
1970/01/01 00:06:15 fetching corpus: 794, signal 102528/121073 (executing program)
1970/01/01 00:06:18 fetching corpus: 842, signal 105208/124411 (executing program)
1970/01/01 00:06:22 fetching corpus: 892, signal 108347/128112 (executing program)
1970/01/01 00:06:24 fetching corpus: 941, signal 110457/130885 (executing program)
1970/01/01 00:06:27 fetching corpus: 991, signal 112148/133256 (executing program)
1970/01/01 00:06:29 fetching corpus: 1040, signal 114213/135910 (executing program)
1970/01/01 00:06:32 fetching corpus: 1089, signal 116451/138773 (executing program)
1970/01/01 00:06:34 fetching corpus: 1139, signal 117589/140656 (executing program)
1970/01/01 00:06:36 fetching corpus: 1189, signal 119252/142892 (executing program)
1970/01/01 00:06:38 fetching corpus: 1238, signal 120762/145034 (executing program)
1970/01/01 00:06:41 fetching corpus: 1287, signal 123557/148139 (executing program)
1970/01/01 00:06:43 fetching corpus: 1337, signal 125294/150367 (executing program)
1970/01/01 00:06:46 fetching corpus: 1386, signal 126687/152299 (executing program)
1970/01/01 00:06:48 fetching corpus: 1436, signal 128149/154270 (executing program)
1970/01/01 00:06:50 fetching corpus: 1484, signal 129039/155787 (executing program)
1970/01/01 00:06:52 fetching corpus: 1533, signal 130081/157393 (executing program)
1970/01/01 00:06:54 fetching corpus: 1583, signal 131485/159292 (executing program)
1970/01/01 00:06:57 fetching corpus: 1633, signal 133019/161195 (executing program)
1970/01/01 00:06:59 fetching corpus: 1682, signal 134285/162884 (executing program)
1970/01/01 00:07:03 fetching corpus: 1732, signal 135478/164522 (executing program)
1970/01/01 00:07:06 fetching corpus: 1781, signal 136379/165953 (executing program)
1970/01/01 00:07:09 fetching corpus: 1830, signal 137487/167490 (executing program)
1970/01/01 00:07:11 fetching corpus: 1879, signal 138541/168964 (executing program)
1970/01/01 00:07:14 fetching corpus: 1928, signal 140230/170832 (executing program)
1970/01/01 00:07:16 fetching corpus: 1978, signal 141532/172412 (executing program)
1970/01/01 00:07:19 fetching corpus: 2028, signal 142906/173990 (executing program)
1970/01/01 00:07:21 fetching corpus: 2078, signal 144397/175638 (executing program)
1970/01/01 00:07:23 fetching corpus: 2128, signal 145597/177069 (executing program)
1970/01/01 00:07:25 fetching corpus: 2177, signal 147002/178636 (executing program)
1970/01/01 00:07:28 fetching corpus: 2227, signal 148293/180153 (executing program)
1970/01/01 00:07:32 fetching corpus: 2277, signal 149492/181533 (executing program)
1970/01/01 00:07:34 fetching corpus: 2326, signal 151020/183063 (executing program)
1970/01/01 00:07:37 fetching corpus: 2376, signal 152198/184428 (executing program)
1970/01/01 00:07:40 fetching corpus: 2426, signal 153758/185968 (executing program)
1970/01/01 00:07:43 fetching corpus: 2475, signal 154810/187192 (executing program)
1970/01/01 00:07:46 fetching corpus: 2524, signal 155884/188415 (executing program)
1970/01/01 00:07:49 fetching corpus: 2573, signal 156590/189432 (executing program)
1970/01/01 00:07:54 fetching corpus: 2622, signal 157423/190521 (executing program)
1970/01/01 00:07:57 fetching corpus: 2672, signal 158433/191650 (executing program)
1970/01/01 00:08:00 fetching corpus: 2722, signal 159894/192972 (executing program)
1970/01/01 00:08:03 fetching corpus: 2769, signal 160674/193954 (executing program)
1970/01/01 00:08:05 fetching corpus: 2819, signal 161842/195119 (executing program)
1970/01/01 00:08:08 fetching corpus: 2869, signal 163322/196407 (executing program)
1970/01/01 00:08:10 fetching corpus: 2919, signal 164313/197442 (executing program)
1970/01/01 00:08:12 fetching corpus: 2969, signal 165242/198430 (executing program)
1970/01/01 00:08:15 fetching corpus: 3019, signal 165997/199313 (executing program)
1970/01/01 00:08:17 fetching corpus: 3069, signal 166608/200118 (executing program)
1970/01/01 00:08:20 fetching corpus: 3118, signal 167196/200934 (executing program)
1970/01/01 00:08:23 fetching corpus: 3167, signal 168098/201890 (executing program)
1970/01/01 00:08:25 fetching corpus: 3217, signal 169042/202818 (executing program)
1970/01/01 00:08:27 fetching corpus: 3267, signal 169640/203570 (executing program)
1970/01/01 00:08:29 fetching corpus: 3317, signal 170124/204277 (executing program)
1970/01/01 00:08:31 fetching corpus: 3367, signal 170975/205123 (executing program)
1970/01/01 00:08:33 fetching corpus: 3416, signal 171761/205943 (executing program)
1970/01/01 00:08:35 fetching corpus: 3466, signal 172565/206775 (executing program)
1970/01/01 00:08:38 fetching corpus: 3514, signal 173466/207609 (executing program)
1970/01/01 00:08:40 fetching corpus: 3564, signal 174180/208375 (executing program)
1970/01/01 00:08:42 fetching corpus: 3614, signal 174945/209120 (executing program)
1970/01/01 00:08:44 fetching corpus: 3664, signal 175612/209817 (executing program)
1970/01/01 00:08:47 fetching corpus: 3714, signal 176370/210528 (executing program)
1970/01/01 00:08:50 fetching corpus: 3764, signal 177169/211268 (executing program)
1970/01/01 00:08:53 fetching corpus: 3814, signal 177760/211880 (executing program)
1970/01/01 00:08:55 fetching corpus: 3863, signal 178369/212486 (executing program)
1970/01/01 00:08:58 fetching corpus: 3913, signal 178945/213141 (executing program)
1970/01/01 00:09:01 fetching corpus: 3962, signal 179725/213781 (executing program)
1970/01/01 00:09:03 fetching corpus: 4012, signal 180272/214371 (executing program)
1970/01/01 00:09:05 fetching corpus: 4062, signal 180804/214908 (executing program)
1970/01/01 00:09:08 fetching corpus: 4112, signal 181290/215433 (executing program)
1970/01/01 00:09:10 fetching corpus: 4162, signal 181864/215968 (executing program)
1970/01/01 00:09:12 fetching corpus: 4212, signal 182525/216535 (executing program)
1970/01/01 00:09:15 fetching corpus: 4262, signal 183184/217049 (executing program)
1970/01/01 00:09:17 fetching corpus: 4309, signal 183710/217552 (executing program)
1970/01/01 00:09:19 fetching corpus: 4359, signal 184376/218111 (executing program)
1970/01/01 00:09:22 fetching corpus: 4409, signal 184916/218627 (executing program)
1970/01/01 00:09:24 fetching corpus: 4459, signal 185635/219128 (executing program)
1970/01/01 00:09:26 fetching corpus: 4509, signal 186266/219592 (executing program)
1970/01/01 00:09:28 fetching corpus: 4559, signal 186707/220023 (executing program)
1970/01/01 00:09:30 fetching corpus: 4609, signal 187375/220475 (executing program)
1970/01/01 00:09:34 fetching corpus: 4658, signal 187969/220958 (executing program)
1970/01/01 00:09:36 fetching corpus: 4707, signal 188567/221399 (executing program)
1970/01/01 00:09:38 fetching corpus: 4757, signal 189349/221878 (executing program)
1970/01/01 00:09:40 fetching corpus: 4807, signal 190035/222311 (executing program)
1970/01/01 00:09:43 fetching corpus: 4857, signal 190523/222713 (executing program)
1970/01/01 00:09:45 fetching corpus: 4906, signal 191102/223091 (executing program)
1970/01/01 00:09:48 fetching corpus: 4956, signal 191656/223469 (executing program)
1970/01/01 00:09:51 fetching corpus: 5005, signal 192336/223890 (executing program)
1970/01/01 00:09:53 fetching corpus: 5055, signal 192813/224234 (executing program)
1970/01/01 00:09:56 fetching corpus: 5104, signal 193650/224604 (executing program)
1970/01/01 00:09:59 fetching corpus: 5154, signal 194314/224938 (executing program)
1970/01/01 00:10:02 fetching corpus: 5203, signal 195000/225283 (executing program)
1970/01/01 00:10:05 fetching corpus: 5252, signal 195498/225583 (executing program)
1970/01/01 00:10:08 fetching corpus: 5301, signal 196059/225876 (executing program)
1970/01/01 00:10:11 fetching corpus: 5351, signal 196568/226174 (executing program)
1970/01/01 00:10:14 fetching corpus: 5401, signal 197065/226459 (executing program)
1970/01/01 00:10:16 fetching corpus: 5451, signal 197472/226737 (executing program)
1970/01/01 00:10:19 fetching corpus: 5499, signal 198117/227006 (executing program)
1970/01/01 00:10:21 fetching corpus: 5549, signal 198594/227283 (executing program)
1970/01/01 00:10:23 fetching corpus: 5599, signal 199245/227513 (executing program)
1970/01/01 00:10:26 fetching corpus: 5649, signal 199659/227513 (executing program)
1970/01/01 00:10:28 fetching corpus: 5699, signal 200039/227540 (executing program)
1970/01/01 00:10:31 fetching corpus: 5749, signal 200366/227540 (executing program)
1970/01/01 00:10:34 fetching corpus: 5799, signal 200828/227555 (executing program)
1970/01/01 00:10:35 fetching corpus: 5849, signal 201244/227561 (executing program)
1970/01/01 00:10:37 fetching corpus: 5899, signal 201585/227561 (executing program)
1970/01/01 00:10:40 fetching corpus: 5948, signal 202145/227561 (executing program)
1970/01/01 00:10:43 fetching corpus: 5998, signal 202651/227568 (executing program)
1970/01/01 00:10:46 fetching corpus: 6048, signal 203095/227571 (executing program)
1970/01/01 00:10:48 fetching corpus: 6096, signal 203470/227582 (executing program)
1970/01/01 00:10:50 fetching corpus: 6145, signal 203947/227589 (executing program)
1970/01/01 00:10:52 fetching corpus: 6195, signal 204471/227589 (executing program)
1970/01/01 00:10:54 fetching corpus: 6245, signal 205030/227623 (executing program)
1970/01/01 00:10:56 fetching corpus: 6295, signal 205597/227623 (executing program)
1970/01/01 00:10:58 fetching corpus: 6344, signal 205980/227631 (executing program)
1970/01/01 00:11:00 fetching corpus: 6394, signal 206618/227635 (executing program)
1970/01/01 00:11:02 fetching corpus: 6444, signal 207092/227635 (executing program)
1970/01/01 00:11:03 fetching corpus: 6494, signal 207541/227635 (executing program)
1970/01/01 00:11:05 fetching corpus: 6544, signal 207991/227635 (executing program)
1970/01/01 00:11:08 fetching corpus: 6594, signal 208519/227635 (executing program)
1970/01/01 00:11:12 fetching corpus: 6643, signal 209096/227657 (executing program)
1970/01/01 00:11:15 fetching corpus: 6691, signal 209521/227715 (executing program)
1970/01/01 00:11:17 fetching corpus: 6741, signal 210302/227722 (executing program)
1970/01/01 00:11:19 fetching corpus: 6791, signal 211161/227722 (executing program)
1970/01/01 00:11:21 fetching corpus: 6841, signal 211533/227728 (executing program)
1970/01/01 00:11:23 fetching corpus: 6891, signal 211959/227728 (executing program)
1970/01/01 00:11:25 fetching corpus: 6941, signal 212325/227728 (executing program)
1970/01/01 00:11:28 fetching corpus: 6991, signal 212697/227728 (executing program)
1970/01/01 00:11:32 fetching corpus: 7039, signal 213151/227732 (executing program)
1970/01/01 00:11:35 fetching corpus: 7088, signal 213694/227736 (executing program)
1970/01/01 00:11:37 fetching corpus: 7136, signal 214073/227743 (executing program)
1970/01/01 00:11:40 fetching corpus: 7185, signal 214489/227786 (executing program)
1970/01/01 00:11:42 fetching corpus: 7235, signal 214870/227789 (executing program)
1970/01/01 00:11:44 fetching corpus: 7285, signal 215389/227800 (executing program)
1970/01/01 00:11:46 fetching corpus: 7335, signal 215745/227800 (executing program)
1970/01/01 00:11:48 fetching corpus: 7385, signal 216235/227805 (executing program)
1970/01/01 00:11:50 fetching corpus: 7434, signal 216658/227806 (executing program)
1970/01/01 00:11:53 fetching corpus: 7484, signal 217274/227808 (executing program)
1970/01/01 00:11:57 fetching corpus: 7534, signal 217764/227812 (executing program)
1970/01/01 00:11:59 fetching corpus: 7584, signal 218218/227823 (executing program)
1970/01/01 00:12:03 fetching corpus: 7633, signal 218675/227836 (executing program)
1970/01/01 00:12:05 fetching corpus: 7682, signal 219053/227846 (executing program)
1970/01/01 00:12:07 fetching corpus: 7732, signal 219537/227865 (executing program)
1970/01/01 00:12:10 fetching corpus: 7782, signal 219959/227865 (executing program)
1970/01/01 00:12:12 fetching corpus: 7832, signal 220330/227882 (executing program)
1970/01/01 00:12:15 fetching corpus: 7882, signal 220625/227882 (executing program)
1970/01/01 00:12:18 fetching corpus: 7931, signal 221025/227883 (executing program)
1970/01/01 00:12:21 fetching corpus: 7980, signal 221475/227887 (executing program)
1970/01/01 00:12:23 fetching corpus: 8029, signal 221924/227887 (executing program)
1970/01/01 00:12:26 fetching corpus: 8079, signal 222353/227903 (executing program)
1970/01/01 00:12:29 fetching corpus: 8128, signal 222716/227905 (executing program)
1970/01/01 00:12:31 fetching corpus: 8178, signal 223009/227905 (executing program)
1970/01/01 00:12:34 fetching corpus: 8227, signal 223432/227910 (executing program)
1970/01/01 00:12:36 fetching corpus: 8277, signal 223863/227910 (executing program)
1970/01/01 00:12:40 fetching corpus: 8327, signal 224215/227931 (executing program)
1970/01/01 00:12:41 fetching corpus: 8376, signal 224534/227940 (executing program)
1970/01/01 00:12:44 fetching corpus: 8425, signal 225071/227961 (executing program)
1970/01/01 00:12:46 fetching corpus: 8475, signal 225368/227961 (executing program)
1970/01/01 00:12:48 fetching corpus: 8524, signal 225747/227961 (executing program)
1970/01/01 00:12:50 fetching corpus: 8574, signal 226071/227961 (executing program)
1970/01/01 00:12:52 fetching corpus: 8620, signal 226477/227963 (executing program)
1970/01/01 00:12:52 fetching corpus: 8622, signal 226481/227963 (executing program)
1970/01/01 00:12:53 fetching corpus: 8622, signal 226481/227963 (executing program)
1970/01/01 00:14:35 starting 2 fuzzer processes
00:14:35 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001d80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = getpid()
recvfrom$unix(r1, 0x0, 0x0, 0x40000122, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)

00:14:35 executing program 1:
r0 = syz_io_uring_setup(0x7e9d, &(0x7f0000000380), &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000000400), &(0x7f0000000440))
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, 0x0, 0x0)

[  906.141133][ T2043] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  906.230841][ T2043] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  908.511430][ T2045] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link
[  908.700653][ T2045] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link
[  919.258579][ T2043] device hsr_slave_0 entered promiscuous mode
[  919.323032][ T2043] device hsr_slave_1 entered promiscuous mode
[  921.818127][ T2045] device hsr_slave_0 entered promiscuous mode
[  921.869882][ T2045] device hsr_slave_1 entered promiscuous mode
[  921.947568][ T2045] debugfs: Directory 'hsr0' with parent 'hsr' already present!
[  921.951996][ T2045] Cannot create hsr debugfs directory
[  928.873027][ T2043] netdevsim netdevsim0 netdevsim0: renamed from eth0
[  929.046023][ T2043] netdevsim netdevsim0 netdevsim1: renamed from eth1
[  929.272410][ T2043] netdevsim netdevsim0 netdevsim2: renamed from eth2
[  929.582447][ T2043] netdevsim netdevsim0 netdevsim3: renamed from eth3
[  930.509540][ T2045] netdevsim netdevsim1 netdevsim0: renamed from eth0
[  930.858388][ T2045] netdevsim netdevsim1 netdevsim1: renamed from eth1
[  930.998304][ T2045] netdevsim netdevsim1 netdevsim2: renamed from eth2
[  931.139746][ T2045] netdevsim netdevsim1 netdevsim3: renamed from eth3
[  942.316458][ T2043] 8021q: adding VLAN 0 to HW filter on device bond0
[  943.337703][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  943.461555][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  944.503062][ T2045] 8021q: adding VLAN 0 to HW filter on device bond0
[  945.011125][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth1: link becomes ready
[  945.087234][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0: link becomes ready
[  951.970853][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  952.030231][   T12] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  952.240954][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  952.369373][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  952.627214][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  952.920284][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  953.578374][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bridge: link becomes ready
[  953.637112][    T5] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_0: link becomes ready
[  954.066383][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  954.087760][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  954.109814][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bridge: link becomes ready
[  954.142788][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): bridge_slave_1: link becomes ready
[  954.511928][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  954.528218][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  954.640885][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_bond: link becomes ready
[  955.109251][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_bond: link becomes ready
[  956.301580][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  956.318792][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  956.323005][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_hsr: link becomes ready
[  956.381298][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_0: link becomes ready
[  956.692174][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_hsr: link becomes ready
[  956.757456][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): hsr_slave_1: link becomes ready
[  956.989105][ T2045] IPv6: ADDRCONF(NETDEV_CHANGE): hsr0: link becomes ready
[  958.226230][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan1: link becomes ready
[  958.230507][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): vxcan0: link becomes ready
[  980.501051][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  980.590713][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  981.046751][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_virt_wifi: link becomes ready
[  981.091624][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_virt_wifi: link becomes ready
[  988.516675][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  988.592048][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  988.936342][ T2043] device veth0_vlan entered promiscuous mode
[  989.147659][ T2045] device veth0_vlan entered promiscuous mode
[  989.227766][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  989.281713][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  989.310376][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_vlan: link becomes ready
[  989.329870][ T2652] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_vlan: link becomes ready
[  989.441913][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan0: link becomes ready
[  989.503100][   T20] IPv6: ADDRCONF(NETDEV_CHANGE): vlan1: link becomes ready
[  989.569719][ T2043] device veth1_vlan entered promiscuous mode
[  989.991814][ T2045] device veth1_vlan entered promiscuous mode
[  991.150091][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  991.181545][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  991.579700][ T2043] device veth0_macvtap entered promiscuous mode
[  991.966954][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): macvtap0: link becomes ready
[  992.030587][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_macvtap: link becomes ready
[  992.081558][ T2089] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_macvtap: link becomes ready
[  992.506211][ T2043] device veth1_macvtap entered promiscuous mode
[  992.807034][ T2045] device veth0_macvtap entered promiscuous mode
[  993.480004][ T2045] device veth1_macvtap entered promiscuous mode
[  995.509142][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  995.620671][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  995.640681][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  995.691801][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  995.731601][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_0: link becomes ready
[  995.762864][ T2666] IPv6: ADDRCONF(NETDEV_CHANGE): veth0_to_batadv: link becomes ready
[  995.891919][ T2043] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  995.897713][ T2043] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  995.899483][ T2043] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  995.952801][ T2043] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
[  996.335966][ T2100] IPv6: ADDRCONF(NETDEV_CHANGE): batadv_slave_1: link becomes ready
[  996.430904][ T2100] IPv6: ADDRCONF(NETDEV_CHANGE): veth1_to_batadv: link becomes ready
[  997.009320][ T2045] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0
[  997.011490][ T2045] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0
[  997.013060][ T2045] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0
[  997.042535][ T2045] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0
00:16:50 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001d80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = getpid()
recvfrom$unix(r1, 0x0, 0x0, 0x40000122, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)

00:16:51 executing program 1:
r0 = syz_io_uring_setup(0x7e9d, &(0x7f0000000380), &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000000400), &(0x7f0000000440))
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, 0x0, 0x0)

00:16:58 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001d80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = getpid()
recvfrom$unix(r1, 0x0, 0x0, 0x40000122, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)

00:17:00 executing program 1:
r0 = syz_io_uring_setup(0x7e9d, &(0x7f0000000380), &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000000400), &(0x7f0000000440))
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, 0x0, 0x0)

00:17:05 executing program 0:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001d80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = getpid()
recvfrom$unix(r1, 0x0, 0x0, 0x40000122, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)

00:17:06 executing program 1:
r0 = syz_io_uring_setup(0x7e9d, &(0x7f0000000380), &(0x7f0000ff8000/0x1000)=nil, &(0x7f0000ff0000/0x10000)=nil, &(0x7f0000000400), &(0x7f0000000440))
io_uring_register$IORING_REGISTER_FILES(r0, 0x13, 0x0, 0x0)

00:17:13 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001d80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = getpid()
recvfrom$unix(r1, 0x0, 0x0, 0x40000122, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)

00:17:13 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f00000014c0))

00:17:16 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001d80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = getpid()
recvfrom$unix(r1, 0x0, 0x0, 0x40000122, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)

00:17:18 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f00000014c0))

00:17:21 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f00000014c0))

00:17:22 executing program 1:
socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000001d80)={<r0=>0xffffffffffffffff, <r1=>0xffffffffffffffff})
r2 = getpid()
recvfrom$unix(r1, 0x0, 0x0, 0x40000122, 0x0, 0x0)
sendmsg$unix(r0, &(0x7f0000000700)={0x0, 0x0, 0x0, 0x0, &(0x7f0000000180)=[@cred={{0x1c, 0x1, 0x2, {r2}}}], 0x20}, 0x0)

00:17:25 executing program 0:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f00000014c0))

00:17:27 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f00000014c0))

00:17:31 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003080)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)='b', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f00000018c0)='=', 0x7ffff000}], 0x1}}], 0x2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000002c0)={&(0x7f0000fef000/0xf000)=nil, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000300)=0x40)

00:17:31 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f00000014c0))

00:17:34 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003080)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)='b', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f00000018c0)='=', 0x7ffff000}], 0x1}}], 0x2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000002c0)={&(0x7f0000fef000/0xf000)=nil, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000300)=0x40)

00:17:35 executing program 1:
r0 = openat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x26e1, 0x0)
ioctl$FS_IOC_GETVERSION(r0, 0x80087601, &(0x7f00000014c0))

00:17:37 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003080)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)='b', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f00000018c0)='=', 0x7ffff000}], 0x1}}], 0x2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000002c0)={&(0x7f0000fef000/0xf000)=nil, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000300)=0x40)

00:17:41 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003080)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)='b', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f00000018c0)='=', 0x7ffff000}], 0x1}}], 0x2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000002c0)={&(0x7f0000fef000/0xf000)=nil, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000300)=0x40)

00:17:41 executing program 0:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003080)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)='b', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f00000018c0)='=', 0x7ffff000}], 0x1}}], 0x2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000002c0)={&(0x7f0000fef000/0xf000)=nil, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000300)=0x40)

00:17:43 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003080)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)='b', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f00000018c0)='=', 0x7ffff000}], 0x1}}], 0x2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000002c0)={&(0x7f0000fef000/0xf000)=nil, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000300)=0x40)

00:17:45 executing program 0:
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{}, {}], 0x6f)

00:17:47 executing program 1:
r0 = socket$inet6_tcp(0xa, 0x1, 0x0)
setsockopt$inet6_tcp_TCP_REPAIR(r0, 0x6, 0x13, &(0x7f0000000000)=0x1, 0x4)
setsockopt$inet6_tcp_TCP_REPAIR_QUEUE(r0, 0x6, 0x14, &(0x7f0000000100)=0x1, 0x4)
connect$inet6(r0, &(0x7f0000000140)={0xa, 0x0, 0x0, @loopback}, 0x1c)
sendmmsg$inet6(r0, &(0x7f0000003080)=[{{0x0, 0x0, &(0x7f0000000040)=[{&(0x7f0000000080)='b', 0x1}], 0x1}}, {{0x0, 0x0, &(0x7f00000016c0)=[{&(0x7f00000018c0)='=', 0x7ffff000}], 0x1}}], 0x2, 0x0)
getsockopt$inet6_tcp_TCP_ZEROCOPY_RECEIVE(r0, 0x6, 0x23, &(0x7f00000002c0)={&(0x7f0000fef000/0xf000)=nil, 0xf000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, &(0x7f0000000300)=0x40)

00:17:48 executing program 0:
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{}, {}], 0x6f)

00:17:51 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x24}}, 0x0)

00:17:52 executing program 0:
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{}, {}], 0x6f)

00:17:54 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x24}}, 0x0)

00:17:56 executing program 0:
r0 = socket$can_raw(0x1d, 0x3, 0x1)
setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000000)=[{}, {}], 0x6f)

00:17:58 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x24}}, 0x0)

00:17:59 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000001100f3a9000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0000ae860000000010001a8004001c0808"], 0x30}}, 0x0)

00:18:01 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000001100f3a9000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0000ae860000000010001a8004001c0808"], 0x30}}, 0x0)

00:18:01 executing program 1:
r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10)
r2 = syz_genetlink_get_family_id$netlbl_mgmt(&(0x7f0000000100), r0)
sendmsg$NLBL_MGMT_C_ADDDEF(r1, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000140)={0x24, r2, 0x1, 0x0, 0x0, {}, [@NLBL_MGMT_A_IPV4ADDR={0x8, 0x7, @dev}, @NLBL_MGMT_A_PROTOCOL={0x8}]}, 0x24}}, 0x0)

00:18:04 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000001100f3a9000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0000ae860000000010001a8004001c0808"], 0x30}}, 0x0)

00:18:06 executing program 1:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000009040)='net/snmp\x00')
r1 = ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000012c0)={0x26, 'hash\x00', 0x0, 0x0, 'wp384-generic\x00'}, 0x58)
accept4$alg(r2, 0x0, 0x0, 0x0)
dup3(r1, r2, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0x5460, 0xec000)
r3 = socket$alg(0x26, 0x5, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close_range(r2, r3, 0x0)

00:18:08 executing program 0:
r0 = socket$nl_route(0x10, 0x3, 0x0)
r1 = socket$inet_icmp_raw(0x2, 0x3, 0x1)
ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'batadv_slave_1\x00', <r2=>0x0})
sendmsg$nl_route(r0, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000480)={&(0x7f0000000180)=ANY=[@ANYBLOB="300000001100f3a9000000000000000007000000", @ANYRES32=r2, @ANYBLOB="0000ae860000000010001a8004001c0808"], 0x30}}, 0x0)

00:18:09 executing program 1:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000009040)='net/snmp\x00')
r1 = ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000012c0)={0x26, 'hash\x00', 0x0, 0x0, 'wp384-generic\x00'}, 0x58)
accept4$alg(r2, 0x0, 0x0, 0x0)
dup3(r1, r2, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0x5460, 0xec000)
r3 = socket$alg(0x26, 0x5, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close_range(r2, r3, 0x0)

00:18:13 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:13 executing program 1:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000009040)='net/snmp\x00')
r1 = ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000012c0)={0x26, 'hash\x00', 0x0, 0x0, 'wp384-generic\x00'}, 0x58)
accept4$alg(r2, 0x0, 0x0, 0x0)
dup3(r1, r2, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0x5460, 0xec000)
r3 = socket$alg(0x26, 0x5, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close_range(r2, r3, 0x0)

00:18:16 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:17 executing program 1:
r0 = syz_open_procfs(0xffffffffffffffff, &(0x7f0000009040)='net/snmp\x00')
r1 = ioctl$NS_GET_PARENT(r0, 0x5460, 0xec000)
r2 = socket$alg(0x26, 0x5, 0x0)
bind$alg(r2, &(0x7f00000012c0)={0x26, 'hash\x00', 0x0, 0x0, 'wp384-generic\x00'}, 0x58)
accept4$alg(r2, 0x0, 0x0, 0x0)
dup3(r1, r2, 0x0)
ioctl$NS_GET_PARENT(0xffffffffffffffff, 0x5460, 0xec000)
r3 = socket$alg(0x26, 0x5, 0x0)
dup3(0xffffffffffffffff, 0xffffffffffffffff, 0x0)
close_range(r2, r3, 0x0)

00:18:20 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:22 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:24 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:25 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:28 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:29 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:31 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:34 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:37 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:41 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:44 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:48 executing program 1:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:50 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

00:18:54 executing program 1:
r0 = socket$nl_route(0x10, 0x3, 0x0)
socket$inet6_udp(0xa, 0x2, 0x0)
sendmsg$nl_route(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="6000000010000104000000002e08000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000380012800b00010069703667726500002800028014000600fe8000000000000000000000000000000500160001000000050017000000000008000a00", @ANYRES32], 0x60}}, 0x0)
read$FUSE(0xffffffffffffffff, &(0x7f0000001440)={0x2020}, 0x2020)

00:18:55 executing program 0:
mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0)
mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000002100), 0x0, 0x0)
r0 = socket$vsock_stream(0x28, 0x1, 0x0)
connect$vsock_stream(r0, &(0x7f0000000080)={0x28, 0x0, 0x0, @host}, 0x10)
socket$nl_generic(0x10, 0x3, 0x10)
mount$fuse(0x0, &(0x7f0000000bc0)='./file0\x00', 0x0, 0x160c10, 0x0)
setsockopt$SO_VM_SOCKETS_BUFFER_SIZE(r0, 0x28, 0x0, &(0x7f0000000000), 0x8)

[ 1137.659074][    C0] ==================================================================
[ 1137.665478][    C0] 
[ 1137.665691][    C0] ======================================================
[ 1137.665807][    C0] WARNING: possible circular locking dependency detected
[ 1137.666097][    C0] 5.17.0-rc1-syzkaller-00002-g0966d385830d #0 Not tainted
[ 1137.666500][    C0] ------------------------------------------------------
[ 1137.666622][    C0] syz-executor.1/2853 is trying to acquire lock:
[ 1137.666907][    C0] ffffffff84a888e0 (console_owner){-.-.}-{0:0}, at: console_unlock+0x2b2/0x97a
[ 1137.668522][    C0] 
[ 1137.668522][    C0] but task is already holding lock:
[ 1137.668628][    C0] ffffffff84c3a588 (report_lock){-.-.}-{2:2}, at: kasan_report+0x84/0x1e0
[ 1137.669560][    C0] 
[ 1137.669560][    C0] which lock already depends on the new lock.
[ 1137.669560][    C0] 
[ 1137.669669][    C0] 
[ 1137.669669][    C0] the existing dependency chain (in reverse order) is:
[ 1137.669801][    C0] 
[ 1137.669801][    C0] -> #7 (report_lock){-.-.}-{2:2}:
[ 1137.670385][    C0]        lock_acquire.part.0+0x1d0/0x424
[ 1137.670892][    C0]        lock_acquire+0x54/0x6a
[ 1137.671249][    C0]        _raw_spin_lock_irqsave+0x3e/0x62
[ 1137.671607][    C0]        kasan_report+0x84/0x1e0
[ 1137.671999][    C0]        __asan_load8+0x6e/0x96
[ 1137.672360][    C0]        timerqueue_add+0xb0/0x1d0
[ 1137.672726][    C0]        __hrtimer_run_queues+0x8b4/0xa16
[ 1137.673095][    C0]        hrtimer_interrupt+0x1d4/0x3ea
[ 1137.673500][    C0]        riscv_timer_interrupt+0x5c/0x6a
[ 1137.673830][    C0]        handle_percpu_devid_irq+0x17e/0x2ae
[ 1137.674251][    C0]        generic_handle_domain_irq+0x7c/0x9c
[ 1137.674600][    C0]        riscv_intc_irq+0x7e/0xc8
[ 1137.675012][    C0]        generic_handle_arch_irq+0x36/0x54
[ 1137.675427][    C0]        ret_from_exception+0x0/0x10
[ 1137.675875][    C0] 
[ 1137.675875][    C0] -> #6 (hrtimer_bases.lock){-.-.}-{2:2}:
[ 1137.676433][    C0]        lock_acquire.part.0+0x1d0/0x424
[ 1137.676811][    C0]        lock_acquire+0x54/0x6a
[ 1137.677163][    C0]        _raw_spin_lock_irqsave+0x3e/0x62
[ 1137.677570][    C0]        hrtimer_start_range_ns+0x9e/0x6dc
[ 1137.677937][    C0]        enqueue_task_rt+0x520/0x568
[ 1137.678260][    C0]        enqueue_task+0x66/0x136
[ 1137.678630][    C0]        __sched_setscheduler.constprop.0+0x704/0xdd4
[ 1137.679063][    C0]        sched_set_fifo+0xc8/0x108
[ 1137.679452][    C0]        drm_vblank_worker_init+0xea/0x10c
[ 1137.679828][    C0]        drm_vblank_init+0xec/0x24e
[ 1137.680240][    C0]        vkms_init+0x272/0x45c
[ 1137.680638][    C0]        do_one_initcall+0x13a/0x7ea
[ 1137.680952][    C0]        kernel_init_freeable+0x510/0x5b4
[ 1137.681383][    C0]        kernel_init+0x28/0x21c
[ 1137.681785][    C0]        ret_from_exception+0x0/0x10
[ 1137.682187][    C0] 
[ 1137.682187][    C0] -> #5 (&rt_b->rt_runtime_lock){-...}-{2:2}:
[ 1137.682763][    C0]        lock_acquire.part.0+0x1d0/0x424
[ 1137.683161][    C0]        lock_acquire+0x54/0x6a
[ 1137.683528][    C0]        _raw_spin_lock+0x32/0x48
[ 1137.683891][    C0]        rq_online_rt+0x78/0x1b8
[ 1137.684187][    C0]        set_rq_online.part.0+0xaa/0xc2
[ 1137.684556][    C0]        sched_cpu_activate+0x1c0/0x250
[ 1137.684899][    C0]        cpuhp_invoke_callback+0x282/0x504
[ 1137.685254][    C0]        cpuhp_thread_fun+0x2f6/0x4b0
[ 1137.685615][    C0]        smpboot_thread_fn+0x448/0x6cc
[ 1137.686020][    C0]        kthread+0x19e/0x1fa
[ 1137.686419][    C0]        ret_from_exception+0x0/0x10
[ 1137.686760][    C0] 
[ 1137.686760][    C0] -> #4 (&rq->__lock){-.-.}-{2:2}:
[ 1137.687310][    C0]        lock_acquire.part.0+0x1d0/0x424
[ 1137.687743][    C0]        lock_acquire+0x54/0x6a
[ 1137.688112][    C0]        _raw_spin_lock_nested+0x36/0x4e
[ 1137.688480][    C0]        raw_spin_rq_lock_nested+0x22/0x34
[ 1137.688885][    C0]        task_fork_fair+0xa8/0x218
[ 1137.689296][    C0]        sched_post_fork+0x16e/0x196
[ 1137.689717][    C0]        copy_process+0x3378/0x3c34
[ 1137.690098][    C0]        kernel_clone+0xee/0x920
[ 1137.690494][    C0]        kernel_thread+0xf8/0x130
[ 1137.690864][    C0]        rest_init+0x34/0x3f2
[ 1137.691241][    C0]        arch_call_rest_init+0x18/0x20
[ 1137.691598][    C0]        start_kernel+0x66a/0x698
[ 1137.691946][    C0] 
[ 1137.691946][    C0] -> #3 (&p->pi_lock){-.-.}-{2:2}:
[ 1137.692496][    C0]        lock_acquire.part.0+0x1d0/0x424
[ 1137.692877][    C0]        lock_acquire+0x54/0x6a
[ 1137.693224][    C0]        _raw_spin_lock_irqsave+0x3e/0x62
[ 1137.693628][    C0]        try_to_wake_up+0xa4/0x748
[ 1137.694021][    C0]        default_wake_function+0x28/0x36
[ 1137.694452][    C0]        woken_wake_function+0x38/0x48
[ 1137.694811][    C0]        __wake_up_common+0xb6/0x236
[ 1137.695146][    C0]        __wake_up_common_lock+0xd6/0x136
[ 1137.695502][    C0]        __wake_up+0x10/0x18
[ 1137.695838][    C0]        tty_wakeup+0x58/0xbe
[ 1137.696222][    C0]        tty_port_default_wakeup+0x2c/0x44
[ 1137.696605][    C0]        tty_port_tty_wakeup+0x3a/0x46
[ 1137.696960][    C0]        uart_write_wakeup+0x34/0x48
[ 1137.697292][    C0]        serial8250_tx_chars+0x322/0x592
[ 1137.697712][    C0]        serial8250_handle_irq.part.0+0x284/0x286
[ 1137.698154][    C0]        serial8250_default_handle_irq+0xac/0x142
[ 1137.698609][    C0]        serial8250_interrupt+0xbe/0x1a6
[ 1137.698970][    C0]        __handle_irq_event_percpu+0x16e/0x6ec
[ 1137.699343][    C0]        handle_irq_event+0x6a/0xfa
[ 1137.699658][    C0]        handle_fasteoi_irq+0x1c0/0x4d6
[ 1137.700035][    C0]        generic_handle_domain_irq+0x7c/0x9c
[ 1137.700389][    C0]        plic_handle_irq+0x122/0x242
[ 1137.700803][    C0]        generic_handle_domain_irq+0x7c/0x9c
[ 1137.701162][    C0]        riscv_intc_irq+0x7e/0xc8
[ 1137.701661][    C0]        generic_handle_arch_irq+0x36/0x54
[ 1137.702079][    C0]        ret_from_exception+0x0/0x10
[ 1137.702432][    C0]        lock_acquire.part.0+0x210/0x424
[ 1137.702825][    C0] 
[ 1137.702825][    C0] -> #2 (&tty->write_wait){-...}-{2:2}:
[ 1137.703400][    C0]        lock_acquire.part.0+0x1d0/0x424
[ 1137.703805][    C0]        lock_acquire+0x54/0x6a
[ 1137.704172][    C0]        _raw_spin_lock_irqsave+0x3e/0x62
[ 1137.704548][    C0]        __wake_up_common_lock+0xc4/0x136
[ 1137.704929][    C0]        __wake_up+0x10/0x18
[ 1137.705278][    C0]        tty_wakeup+0x58/0xbe
[ 1137.705690][    C0]        tty_port_default_wakeup+0x2c/0x44
[ 1137.706077][    C0]        tty_port_tty_wakeup+0x3a/0x46
[ 1137.706453][    C0]        uart_write_wakeup+0x34/0x48
[ 1137.706781][    C0]        serial8250_tx_chars+0x322/0x592
[ 1137.707203][    C0]        serial8250_handle_irq.part.0+0x284/0x286
[ 1137.707655][    C0]        serial8250_default_handle_irq+0xac/0x142
[ 1137.708101][    C0]        serial8250_interrupt+0xbe/0x1a6
[ 1137.708488][    C0]        __handle_irq_event_percpu+0x16e/0x6ec
[ 1137.708866][    C0]        handle_irq_event+0x6a/0xfa
[ 1137.709180][    C0]        handle_fasteoi_irq+0x1c0/0x4d6
[ 1137.709589][    C0]        generic_handle_domain_irq+0x7c/0x9c
[ 1137.709925][    C0]        plic_handle_irq+0x122/0x242
[ 1137.710332][    C0]        generic_handle_domain_irq+0x7c/0x9c
[ 1137.710676][    C0]        riscv_intc_irq+0x7e/0xc8
[ 1137.711069][    C0]        generic_handle_arch_irq+0x36/0x54
[ 1137.711472][    C0]        ret_from_exception+0x0/0x10
[ 1137.711804][    C0]        _raw_spin_unlock_irqrestore+0x68/0x98
[ 1137.712164][    C0] 
[ 1137.712164][    C0] -> #1 (&port_lock_key){-...}-{2:2}:
[ 1137.712716][    C0]        lock_acquire.part.0+0x1d0/0x424
[ 1137.713095][    C0]        lock_acquire+0x54/0x6a
[ 1137.713486][    C0]        _raw_spin_lock_irqsave+0x3e/0x62
[ 1137.713838][    C0]        serial8250_console_write+0x848/0x8e6
[ 1137.714265][    C0]        univ8250_console_write+0x46/0x54
[ 1137.714623][    C0]        console_unlock+0x666/0x97a
[ 1137.715020][    C0]        register_console+0x250/0x534
[ 1137.715431][    C0]        uart_add_one_port+0xbf2/0xc14
[ 1137.715762][    C0]        serial8250_register_8250_port+0x8ce/0xc6e
[ 1137.716173][    C0]        of_platform_serial_probe+0x7ae/0xa9c
[ 1137.716527][    C0]        platform_probe+0xc8/0x172
[ 1137.716880][    C0]        really_probe+0x1a6/0x89e
[ 1137.717189][    C0]        __driver_probe_device+0x24a/0x2d4
[ 1137.717577][    C0]        driver_probe_device+0x60/0x1a4
[ 1137.717912][    C0]        __driver_attach+0x178/0x33e
[ 1137.718250][    C0]        bus_for_each_dev+0x122/0x194
[ 1137.718663][    C0]        driver_attach+0x32/0x3c
[ 1137.718954][    C0]        bus_add_driver+0x2c6/0x41a
[ 1137.719269][    C0]        driver_register+0x144/0x286
[ 1137.719594][    C0]        __platform_driver_register+0x46/0x52
[ 1137.719966][    C0]        of_platform_serial_driver_init+0x22/0x2a
[ 1137.720408][    C0]        do_one_initcall+0x13a/0x7ea
[ 1137.720728][    C0]        kernel_init_freeable+0x510/0x5b4
[ 1137.721101][    C0]        kernel_init+0x28/0x21c
[ 1137.721558][    C0]        ret_from_exception+0x0/0x10
[ 1137.721894][    C0] 
[ 1137.721894][    C0] -> #0 (console_owner){-.-.}-{0:0}:
[ 1137.722438][    C0]        check_noncircular+0x1de/0x1fe
[ 1137.722813][    C0]        __lock_acquire+0x19a4/0x333e
[ 1137.723170][    C0]        lock_acquire.part.0+0x1d0/0x424
[ 1137.723585][    C0]        lock_acquire+0x54/0x6a
[ 1137.723932][    C0]        console_unlock+0x304/0x97a
[ 1137.724341][    C0]        vprintk_emit+0xd2/0x416
[ 1137.724743][    C0]        vprintk_default+0x22/0x2e
[ 1137.725150][    C0]        vprintk+0x108/0x13e
[ 1137.725505][    C0]        _printk+0xa0/0xc8
[ 1137.725838][    C0]        kasan_report+0x9a/0x1e0
[ 1137.726271][    C0]        __asan_load8+0x6e/0x96
[ 1137.726582][    C0]        timerqueue_add+0xb0/0x1d0
[ 1137.726945][    C0]        __hrtimer_run_queues+0x8b4/0xa16
[ 1137.727323][    C0]        hrtimer_interrupt+0x1d4/0x3ea
[ 1137.727689][    C0]        riscv_timer_interrupt+0x5c/0x6a
[ 1137.728026][    C0]        handle_percpu_devid_irq+0x17e/0x2ae
[ 1137.728467][    C0]        generic_handle_domain_irq+0x7c/0x9c
[ 1137.728834][    C0]        riscv_intc_irq+0x7e/0xc8
[ 1137.729225][    C0]        generic_handle_arch_irq+0x36/0x54
[ 1137.729644][    C0]        ret_from_exception+0x0/0x10
[ 1137.730025][    C0] 
[ 1137.730025][    C0] other info that might help us debug this:
[ 1137.730025][    C0] 
[ 1137.730163][    C0] Chain exists of:
[ 1137.730163][    C0]   console_owner --> hrtimer_bases.lock --> report_lock
[ 1137.730163][    C0] 
[ 1137.730844][    C0]  Possible unsafe locking scenario:
[ 1137.730844][    C0] 
[ 1137.730941][    C0]        CPU0                    CPU1
[ 1137.731029][    C0]        ----                    ----
[ 1137.731120][    C0]   lock(report_lock);
[ 1137.731367][    C0]                                lock(hrtimer_bases.lock);
[ 1137.731649][    C0]                                lock(report_lock);
[ 1137.731922][    C0]   lock(console_owner);
[ 1137.732166][    C0] 
[ 1137.732166][    C0]  *** DEADLOCK ***
[ 1137.732166][    C0] 
[ 1137.732325][    C0] 14 locks held by syz-executor.1/2853:
[ 1137.732585][    C0]  #0: ffffffff855cf108 (rtnl_mutex){+.+.}-{3:3}, at: rtnetlink_rcv_msg+0x2fe/0x9a0
[ 1137.733755][    C0]  #1: ffffffff84c3a9c8 (remove_cache_srcu){....}-{0:0}, at: kasan_quarantine_reduce+0x46/0x1c8
[ 1137.734722][    C0]  #2: ffffffff84b73e00 (rcu_read_lock){....}-{1:2}, at: netif_receive_skb_list_internal+0x244/0x816
[ 1137.735765][    C0]  #3: ffffffff84b73e00 (rcu_read_lock){....}-{1:2}, at: ip_local_deliver_finish+0x7e/0x278
[ 1137.736750][    C0]  #4: ffffaf800f638cb0 (slock-AF_INET/1){+.-.}-{2:2}, at: tcp_v4_rcv+0x1bd4/0x1f46
[ 1137.737831][    C0]  #5: ffffffff84b73e00 (rcu_read_lock){....}-{1:2}, at: __ip_queue_xmit+0x0/0xeb2
[ 1137.738796][    C0]  #6: ffffffff84b73e60 (rcu_read_lock_bh){....}-{1:2}, at: ip_finish_output2+0x1b8/0x1720
[ 1137.739709][    C0]  #7: ffffffff84b73e60 (rcu_read_lock_bh){....}-{1:2}, at: __dev_queue_xmit+0x140/0x248c
[ 1137.740626][    C0]  #8: ffffaf800f62e258 (dev->qdisc_tx_busylock ?: &qdisc_tx_busylock){+...}-{2:2}, at: __dev_queue_xmit+0x11ba/0x248c
[ 1137.741665][    C0]  #9: ffffaf80073dbcd8 (_xmit_ETHER#2){+.-.}-{2:2}, at: sch_direct_xmit+0x300/0x464
[ 1137.742762][    C0]  #10: ffffffff84b73e00 (rcu_read_lock){....}-{1:2}, at: dev_queue_xmit_nit+0x0/0x73a
[ 1137.743706][    C0]  #11: ffffaf805a9cb418 (hrtimer_bases.lock){-.-.}-{2:2}, at: __hrtimer_run_queues+0x262/0xa16
[ 1137.744734][    C0]  #12: ffffffff84c3a588 (report_lock){-.-.}-{2:2}, at: kasan_report+0x84/0x1e0
[ 1137.745752][    C0]  #13: ffffffff84a88600 (console_lock){+.+.}-{0:0}, at: vprintk_default+0x22/0x2e
[ 1137.746813][    C0] 
[ 1137.746813][    C0] stack backtrace:
[ 1137.747225][    C0] CPU: 0 PID: 2853 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1137.747686][    C0] Hardware name: riscv-virtio,qemu (DT)
[ 1137.748124][    C0] Call Trace:
[ 1137.748318][    C0] [<ffffffff8000a228>] dump_backtrace+0x2e/0x3c
[ 1137.748784][    C0] [<ffffffff831668cc>] show_stack+0x34/0x40
[ 1137.749159][    C0] [<ffffffff831756ba>] dump_stack_lvl+0xe4/0x150
[ 1137.749660][    C0] [<ffffffff83175742>] dump_stack+0x1c/0x24
[ 1137.750102][    C0] [<ffffffff8010f7b8>] print_circular_bug+0x34e/0x3d8
[ 1137.750555][    C0] [<ffffffff8010fa20>] check_noncircular+0x1de/0x1fe
[ 1137.750995][    C0] [<ffffffff80113c26>] __lock_acquire+0x19a4/0x333e
[ 1137.751444][    C0] [<ffffffff80116582>] lock_acquire.part.0+0x1d0/0x424
[ 1137.751898][    C0] [<ffffffff8011682a>] lock_acquire+0x54/0x6a
[ 1137.752333][    C0] [<ffffffff8011ee1c>] console_unlock+0x304/0x97a
[ 1137.752812][    C0] [<ffffffff8012183e>] vprintk_emit+0xd2/0x416
[ 1137.753376][    C0] [<ffffffff80121ba4>] vprintk_default+0x22/0x2e
[ 1137.753948][    C0] [<ffffffff8012254a>] vprintk+0x108/0x13e
[ 1137.754331][    C0] [<ffffffff83169c5c>] _printk+0xa0/0xc8
[ 1137.754725][    C0] [<ffffffff80474c62>] kasan_report+0x9a/0x1e0
[ 1137.755211][    C0] [<ffffffff80475b20>] __asan_load8+0x6e/0x96
[ 1137.755596][    C0] [<ffffffff80c2bca8>] timerqueue_add+0xb0/0x1d0
[ 1137.756025][    C0] [<ffffffff8016deea>] __hrtimer_run_queues+0x8b4/0xa16
[ 1137.756469][    C0] [<ffffffff8016f4a8>] hrtimer_interrupt+0x1d4/0x3ea
[ 1137.756898][    C0] [<ffffffff823375da>] riscv_timer_interrupt+0x5c/0x6a
[ 1137.757308][    C0] [<ffffffff801321ec>] handle_percpu_devid_irq+0x17e/0x2ae
[ 1137.757841][    C0] [<ffffffff80125944>] generic_handle_domain_irq+0x7c/0x9c
[ 1137.758281][    C0] [<ffffffff80c43d52>] riscv_intc_irq+0x7e/0xc8
[ 1137.758768][    C0] [<ffffffff831a1a1a>] generic_handle_arch_irq+0x36/0x54
[ 1137.759220][    C0] [<ffffffff80005724>] ret_from_exception+0x0/0x10
[ 1137.898768][    C0] BUG: KASAN: wild-memory-access in timerqueue_add+0xb0/0x1d0
[ 1137.900015][    C0] Read of size 8 at addr 80e700308097857e by task syz-executor.1/2853
[ 1137.901097][    C0] 
[ 1137.901676][    C0] CPU: 0 PID: 2853 Comm: syz-executor.1 Not tainted 5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1137.902881][    C0] Hardware name: riscv-virtio,qemu (DT)
[ 1137.904171][    C0] Call Trace:
[ 1137.905125][    C0] [<ffffffff8000a228>] dump_backtrace+0x2e/0x3c
[ 1137.906517][    C0] [<ffffffff831668cc>] show_stack+0x34/0x40
[ 1137.907572][    C0] [<ffffffff831756ba>] dump_stack_lvl+0xe4/0x150
[ 1137.908664][    C0] [<ffffffff80474da6>] kasan_report+0x1de/0x1e0
[ 1137.909786][    C0] [<ffffffff80475b20>] __asan_load8+0x6e/0x96
[ 1137.910821][    C0] [<ffffffff80c2bca8>] timerqueue_add+0xb0/0x1d0
[ 1137.911868][    C0] [<ffffffff8016deea>] __hrtimer_run_queues+0x8b4/0xa16
[ 1137.913084][    C0] [<ffffffff8016f4a8>] hrtimer_interrupt+0x1d4/0x3ea
[ 1137.914488][    C0] [<ffffffff823375da>] riscv_timer_interrupt+0x5c/0x6a
[ 1137.915554][    C0] [<ffffffff801321ec>] handle_percpu_devid_irq+0x17e/0x2ae
[ 1137.916684][    C0] [<ffffffff80125944>] generic_handle_domain_irq+0x7c/0x9c
[ 1137.917987][    C0] [<ffffffff80c43d52>] riscv_intc_irq+0x7e/0xc8
[ 1137.919204][    C0] [<ffffffff831a1a1a>] generic_handle_arch_irq+0x36/0x54
[ 1137.920308][    C0] [<ffffffff80005724>] ret_from_exception+0x0/0x10
[ 1137.921575][    C0] ==================================================================
[ 1137.923343][    C0] Unable to handle kernel paging request at virtual address 80e700308097857e
[ 1137.926285][    C0] Oops [#1]
[ 1137.927071][    C0] Modules linked in:
[ 1137.928049][    C0] CPU: 0 PID: 2853 Comm: syz-executor.1 Tainted: G    B             5.17.0-rc1-syzkaller-00002-g0966d385830d #0
[ 1137.929453][    C0] Hardware name: riscv-virtio,qemu (DT)
[ 1137.930171][    C0] epc : timerqueue_add+0xb0/0x1d0
[ 1137.931181][    C0]  ra : timerqueue_add+0xb0/0x1d0
[ 1137.932100][    C0] epc : ffffffff80c2bca8 ra : ffffffff80c2bca8 sp : ffffaf800babbbb0
[ 1137.933092][    C0]  gp : ffffffff85863ac0 tp : ffffaf8009e048c0 t0 : ffffffff86bcb657
[ 1137.934870][    C0]  t1 : fffffffef0b0dfa4 t2 : 0000000000000000 s0 : ffffaf800babbc00
[ 1137.935950][    C0]  s1 : 80e7003080978566 a0 : 0000000000000001 a1 : 0000000000000003
[ 1137.936904][    C0]  a2 : 1ffff5f0013c0919 a3 : ffffffff831afd3a a4 : 0000000000000000
[ 1137.937942][    C0]  a5 : ffffaf8009e058c0 a6 : 0000000000f00000 a7 : ffffffff8586fd23
[ 1137.938983][    C0]  s2 : ffffffff8016d8a8 s3 : 45010384c983edc0 s4 : ffffaf805a9cbd18
[ 1137.940020][    C0]  s5 : 000001089c152e80 s6 : 0000000000000000 s7 : ffffaf805a9cb4d0
[ 1137.941098][    C0]  s8 : ffffaf805a9cb490 s9 : ffffaf805a9cbd50 s10: ffffaf805a9cb400
[ 1137.942160][    C0]  s11: 0000000000010504 t3 : 000000000000003d t4 : fffffffef0b0dfa4
[ 1137.943067][    C0]  t5 : fffffffef0b0dfa5 t6 : ffffaf800babb618
[ 1137.944453][    C0] status: 0000000000000100 badaddr: 80e700308097857e cause: 000000000000000d
[ 1137.946672][    C0] [<ffffffff8016deea>] __hrtimer_run_queues+0x8b4/0xa16
[ 1137.947871][    C0] [<ffffffff8016f4a8>] hrtimer_interrupt+0x1d4/0x3ea
[ 1137.949023][    C0] [<ffffffff823375da>] riscv_timer_interrupt+0x5c/0x6a
[ 1137.950122][    C0] [<ffffffff801321ec>] handle_percpu_devid_irq+0x17e/0x2ae
[ 1137.951275][    C0] [<ffffffff80125944>] generic_handle_domain_irq+0x7c/0x9c
[ 1137.952342][    C0] [<ffffffff80c43d52>] riscv_intc_irq+0x7e/0xc8
[ 1137.954076][    C0] [<ffffffff831a1a1a>] generic_handle_arch_irq+0x36/0x54
[ 1137.955303][    C0] [<ffffffff80005724>] ret_from_exception+0x0/0x10
[ 1137.956903][    C0] ---[ end trace 0000000000000000 ]---
[ 1137.958193][    C0] Kernel panic - not syncing: Fatal exception in interrupt
[ 1137.959243][    C0] SMP: stopping secondary CPUs
[ 1137.960875][    C0] Rebooting in 86400 seconds..

VM DIAGNOSIS:
17:00:13  Registers:
info registers vcpu 0
 pc       ffffffff8011edb6
 mhartid  0000000000000000
 mstatus  00000000000001a0
 mip      00000000000000a0
 mie      000000000000020a
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffff800055d4
 mepc     ffffffff80200f00
 sepc     ffffffff80200f00
 mcause   8000000000000007
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffff8011eda6 x2/sp ffffaf800babb7b0 x3/gp ffffffff85863ac0
 x4/tp ffffaf8009e048c0 x5/t0 ffffffff86bcb657 x6/t1 fffffffef0d796ca x7/t2 0000000000000000
 x8/s0 ffffaf800babb990 x9/s1 0000000000000000 x10/a0 0000000000000064 x11/a1 00000000000f0000
 x12/a2 0000000000010507 x13/a3 ffffffff8011c8a6 x14/a4 464bf78ffce41e00 x15/a5 0000000000000120
 x16/a6 ffffffff86bcb6a4 x17/a7 ffffffff86bcb656 x18/s2 0000000000000064 x19/s3 000000000000000f
 x20/s4 ffffaf800babb920 x21/s5 ffffaf800babb840 x22/s6 ffffffff8588c1a0 x23/s7 ffffffff8588c3e0
 x24/s8 ffffffff8588c220 x25/s9 ffffffff84a88520 x26/s10 ffffffff858655c0 x27/s11 ffffffff850d8410
 x28/t3 0000000066666666 x29/t4 fffffffef0d796c8 x30/t5 fffffffef0d796cb x31/t6 ffffffff86bcb657
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000
info registers vcpu 1
 pc       ffffffff8016de12
 mhartid  0000000000000001
 mstatus  00000000000001a0
 mip      00000000000000a0
 mie      000000000000020a
 mideleg  0000000000000222
 medeleg  000000000000b109
 mtvec    0000000080000540
 stvec    ffffffff800055d4
 mepc     ffffffff80119b52
 sepc     ffffffff80119b52
 mcause   8000000000000007
 scause   8000000000000005
 mtval  0000000000000000
 stval  0000000000000000
 x0/zero 0000000000000000 x1/ra ffffffff8016de12 x2/sp ffffaf800efff3c0 x3/gp ffffffff85863ac0
 x4/tp ffffaf800bc71840 x5/t0 0000000000046000 x6/t1 fffff5ef0b53eb62 x7/t2 ffffffffffffffff
 x8/s0 ffffaf800efff520 x9/s1 ffffaf805a9e7d18 x10/a0 0000000000000000 x11/a1 ffffaf800bc71840
 x12/a2 0000000000010202 x13/a3 ffffffff8016ddf8 x14/a4 0000000000000003 x15/a5 0000000000000000
 x16/a6 0000000000f00000 x17/a7 ffffaf805a9f5b13 x18/s2 ffffaf805a9e7480 x19/s3 0000000000000001
 x20/s4 ffffaf805a9e7400 x21/s5 ffffaf800bc71840 x22/s6 ffffaf805a9e74c8 x23/s7 0000000000000000
 x24/s8 ffffaf805a9e7490 x25/s9 ffffaf805a9e7d50 x26/s10 ffffaf805a9e7400 x27/s11 ffffffff8018e412
 x28/t3 00007fff9abc328c x29/t4 fffff5ef0b53eb62 x30/t5 fffff5ef0b53eb63 x31/t6 0000000000de32a2
 f0/ft0 0000000000000000 f1/ft1 0000000000000000 f2/ft2 0000000000000000 f3/ft3 0000000000000000
 f4/ft4 0000000000000000 f5/ft5 0000000000000000 f6/ft6 0000000000000000 f7/ft7 0000000000000000
 f8/fs0 0000000000000000 f9/fs1 0000000000000000 f10/fa0 0000000000000000 f11/fa1 0000000000000000
 f12/fa2 0000000000000000 f13/fa3 0000000000000000 f14/fa4 0000000000000000 f15/fa5 0000000000000000
 f16/fa6 0000000000000000 f17/fa7 0000000000000000 f18/fs2 0000000000000000 f19/fs3 0000000000000000
 f20/fs4 0000000000000000 f21/fs5 0000000000000000 f22/fs6 0000000000000000 f23/fs7 0000000000000000
 f24/fs8 0000000000000000 f25/fs9 0000000000000000 f26/fs10 0000000000000000 f27/fs11 0000000000000000
 f28/ft8 0000000000000000 f29/ft9 0000000000000000 f30/ft10 0000000000000000 f31/ft11 0000000000000000