last executing test programs: 7.579541258s ago: executing program 0 (id=46): syz_80211_inject_frame(&(0x7f0000000040)=@broadcast, &(0x7f0000000240)=@data_frame={@msdu=@type11={{0x0, 0x2, 0x5, 0x1, 0x1, 0x1, 0x1}, {0x10}, @broadcast, @broadcast, @broadcast, {0x4, 0x2}, @device_b}, @a_msdu}, 0x1e) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000001500)=ANY=[@ANYBLOB="580000001000210404000000fcdbdf2500000000", @ANYRES32=0x0, @ANYBLOB="adffa888d226000024001280090001007866726d0000000014000280080001000300000008000200070000000a000100aa"], 0x58}}, 0xc080) r1 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r1, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_DELTABLE={0x0, 0x2, 0xa, 0x5, 0x0, 0x0, {0x7, 0x0, 0xa}, [@NFTA_TABLE_USERDATA={0x0, 0x6, "e65d75d4783a9a0689f27d7163c943207a2a30a82ba19ad934362c0650a1223887ca3182d47b9eb28161c0fbb5f0ad88b0a9caf01c1edae565043397495f5ef88dcd0bbd5204bdc41bb624fcca34c48455a9"}, @NFTA_TABLE_FLAGS={0x0, 0x2, 0x1, 0x0, 0x1}, @NFTA_TABLE_FLAGS, @NFTA_TABLE_NAME={0x0, 0x1, 'syz1\x00'}, @NFTA_TABLE_USERDATA={0x0, 0x6, "31581e006642f31075d82d58d28039919f881ac31c4e9537c5cc99c4706994aa72ce24ede3fc864e732c0e6b62bcd292a2945d1cb5b8075fa357f945cb43916f21f01f95e2371bd764efd843400ba5049433e4534edda77c2f67a867a5ef8171842c7434aa7aca7a9645286c53d7526ca8b133fabc68e1c9b8c99c13094732bc"}, @NFTA_TABLE_HANDLE={0x0, 0x4, 0x1, 0x0, 0x5}, @NFTA_TABLE_USERDATA={0x0, 0x6, "623f85611bbaae6864fad6bde738c9468e050f72b3631949907c3b17bcea6b54ec3f0d24abe7e16cbba84e3bcfef0f4610b01fe69ab44b29f7cb7c918c490200be916dc1f4ad60229f1d9dabe6306f81d60a97ac16b4ae84b4096605cda9f3a99266d42dd39bc690f300300277f49bde21d67de9875e7cbd2dedc2b418d2c8ac4444ab539d87210aafb135a4c0951840867b411f98b5542fec3fddfc7f202653f7c80fa56f840ba9e263d1712fd4342ba79735287641ce9f4ee71e7c4bf47bfb47cb5cb1"}, @NFTA_TABLE_FLAGS, @NFTA_TABLE_FLAGS={0x0, 0x2, 0x1, 0x0, 0x3}]}], {0x14, 0x11, 0x1, 0x0, 0x0, {0x7}}}, 0x7}, 0x1, 0x0, 0x0, 0x48c0}, 0x0) 7.029601648s ago: executing program 0 (id=48): r0 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r0, 0xc04064a0, &(0x7f00000001c0)={0x0, &(0x7f0000000040)=[0x0], 0x0, 0x0, 0x0, 0x1}) ioctl$DRM_IOCTL_MODE_SETCRTC(r0, 0xc06864a2, &(0x7f00000008c0)={0x0, 0x0, r1, 0x0, 0x0, 0x0, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3000000, "d20bddda7d1db9342de76eec7967fe97751f13a23aeaacb0565c1c2251560ed1"}}) syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000100), 0x1f, 0x0) ioctl$DRM_IOCTL_MODE_GETRESOURCES(r2, 0xc04064a0, &(0x7f00000009c0)={0x0, 0x0, &(0x7f0000000940)=[0x0], 0x0, 0x0, 0x0, 0x1}) r3 = getpid() syz_pidfd_open(r3, 0x0) syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) r4 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r4, 0x80045017, 0x0) r5 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) ioctl$SNDRV_PCM_IOCTL_WRITEI_FRAMES(r5, 0xc0844123, &(0x7f0000000080)={0x0, 0x0}) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000240)) r6 = openat$sr(0xffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$SG_IO(r6, 0x2285, &(0x7f0000000100)={0x53, 0x0, 0x0, 0x0, @scatter={0x0, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) socket$vsock_stream(0x28, 0x1, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r7, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000200)=ANY=[@ANYBLOB="1400000010000ec000000000000000000000000a20000000000a03000000000000000004010000000900010073797a30000000003c000000090a010400000000000000000100000008000a40000000000900020073797a32000000000900010073797a30000000000800054000000003780000000c0a01020000000000000000010000000900020073797a32000000004c000380480000800b000340000000003c000b80200007800e0001000000000000000006740000000c00028008000140000000001800018004000200636f6e6e6c696d6974000000040002800900010073797a3000"], 0xfc}}, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$packet(0x11, 0x3, 0x300) socket$inet_mptcp(0x2, 0x1, 0x106) socket$nl_netfilter(0x10, 0x3, 0xc) syz_open_dev$sndpcmc(&(0x7f0000004c40), 0x0, 0x0) syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) socket$inet6_udp(0xa, 0x2, 0x0) socket$can_bcm(0x1d, 0x2, 0x2) syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) socket$nl_netfilter(0x10, 0x3, 0xc) 6.920026113s ago: executing program 0 (id=49): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000240)={'netdevsim0\x00', 0x0}) r2 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f0000000000)=@newlink={0x4c, 0x10, 0x503, 0x0, 0x0, {0x0, 0x0, 0x7a00, 0x0, 0x1}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @macsec={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_MACSEC_ENCRYPT={0x5, 0xf, 0x2}]}}}, @IFLA_LINK={0x8, 0x5, r1}, @IFLA_MASTER={0x8, 0xa, r1}]}, 0x4c}}, 0x0) 6.839333805s ago: executing program 0 (id=51): ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f00000000c0)={'wlan1\x00'}) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000200)={0x11, 0x3, &(0x7f00000002c0)=@framed, &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000180)='kfree\x00', r1}, 0x10) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000240)=@newlink={0x40, 0x10, 0xff05, 0x0, 0x0, {0x0, 0x0, 0x4a00, 0x0, 0x8001}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @batadv={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @multicast}]}, 0x40}}, 0x0) pipe(&(0x7f0000000240)={0xffffffffffffffff}) r3 = socket$inet_udp(0x2, 0x2, 0x0) close(r3) splice(r2, 0x0, r3, 0x0, 0x4ffe6, 0x0) ioctl$USBDEVFS_CLEAR_HALT(r2, 0x80045515, &(0x7f0000000080)={0xa, 0x1}) r4 = openat$sysfs(0xffffffffffffff9c, &(0x7f00000002c0)='/sys/power/resume', 0x14ba82, 0x18) write$cgroup_int(r4, &(0x7f0000000000)=0xfe8e, 0x12) bpf$PROG_LOAD(0x5, 0x0, 0x0) getsockopt$inet6_int(0xffffffffffffffff, 0x29, 0x0, 0xffffffffffffffff, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x400000bce) r5 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r5, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r6 = socket$alg(0x26, 0x5, 0x0) setsockopt$ALG_SET_KEY(r6, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r7 = accept4(r6, 0x0, 0x0, 0x0) sendmsg$nl_route_sched_retired(r7, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000000040)=@newqdisc={0x24, 0x24, 0x0, 0x70bd2d, 0x0, {0x0, 0x0, 0x0, 0x0, {0x0, 0xfff1}}}, 0x24}}, 0x20000800) recvmmsg(r7, &(0x7f0000000700)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000300)=""/222, 0xde}, {&(0x7f0000000840)=""/134, 0x86}], 0x86}}], 0x2, 0x0, 0x0) r8 = socket$nl_route(0x10, 0x3, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r8, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000100)=ANY=[@ANYBLOB="b400000010000904f905cf58000000003f002200", @ANYRES32=0x0, @ANYBLOB="fffffffed9526cfd8400128009000100766c616e000000007400028006000100000600000c000200367da1650e000000280003800cef010001800000002000000c000100a1000000c84200000c0001000800000008000000340004800c00010006000000ff0300000c00010004000000080000000c00010004000000020000000c000100050000000300000008000500", @ANYRES8=r8], 0xb4}}, 0x0) syz_genetlink_get_family_id$mptcp(&(0x7f0000000400), r7) 4.549364299s ago: executing program 2 (id=59): syz_open_dev$video4linux(&(0x7f00000000c0), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f00000000c0)={0x0, 0x8d}, 0x0) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000680)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000180)='page_pool_release\x00', r0}, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000680)=ANY=[], &(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000bc0)={&(0x7f0000000180)='page_pool_release\x00', r1}, 0x10) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="18020000040000aa0000000000000000850000004100000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) (async) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000040)={0x6, 0x8, &(0x7f0000000100)=ANY=[@ANYBLOB="18020000040000aa0000000000000000850000004100000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b702000000000000850000008600000095"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) (async) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000380)={r3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x9}, 0x50) getpid() (async) r4 = getpid() sched_setscheduler(r4, 0x1, &(0x7f0000000000)=0x9) pipe(&(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) write$P9_RWRITE(r6, &(0x7f0000000040)={0xb}, 0x11000) write(r6, &(0x7f0000000140)='i', 0x1) read(r5, &(0x7f0000032440)=""/102379, 0x18feb) mount$fuse(0x0, 0x0, 0x0, 0x8, 0x0) (async) mount$fuse(0x0, 0x0, 0x0, 0x8, 0x0) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) (async) mbind(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x2, &(0x7f0000000000)=0x9, 0x8, 0x0) get_mempolicy(0x0, 0x0, 0x0, &(0x7f000033f000/0x2000)=nil, 0x3) sendmsg$nl_route_sched(0xffffffffffffffff, 0x0, 0x0) 4.42002225s ago: executing program 0 (id=60): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x2}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) r4 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0) ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, &(0x7f0000003040)={0x0, "f4e1a230be8f46463fb1a5f1b44f44eaa65e485b747aa95df8c01eaf07677d18bc"}}) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000005c0)={0xb, {'syz1\x00', 'syz1\x00', 'syz0\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "80"}}, 0x119) ioctl$LOOP_SET_CAPACITY(r3, 0x4c07) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r6, 0x400455c8, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) socket$packet(0x11, 0x2, 0x300) syz_init_net_socket$rose(0xb, 0x5, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) mq_open(0x0, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x80000000001}) r7 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000200)={r7, r7, r7}, &(0x7f0000000040)=""/217, 0xd9, &(0x7f00000001c0)={&(0x7f0000000140)={'sha384-avx\x00'}}) 4.348965794s ago: executing program 2 (id=61): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x2}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) r4 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0) ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, &(0x7f0000003040)={0x0, "f4e1a230be8f46463fb1a5f1b44f44eaa65e485b747aa95df8c01eaf07677d18bc"}}) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000005c0)={0xb, {'syz1\x00', 'syz1\x00', 'syz0\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "80"}}, 0x119) ioctl$LOOP_SET_CAPACITY(r3, 0x4c07) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r5, &(0x7f0000000100)={0x1f, 0xffff}, 0x6) setsockopt$bt_hci_HCI_FILTER(r5, 0x0, 0x2, &(0x7f0000000440)={0xfffa, [0x0, 0xffffffff], 0x1000}, 0x10) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r6, 0x400455c8, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) syz_init_net_socket$rose(0xb, 0x5, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) mq_open(0x0, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x80000000001}) r7 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000200)={r7, r7, r7}, &(0x7f0000000040)=""/217, 0xd9, &(0x7f00000001c0)={&(0x7f0000000140)={'sha384-avx\x00'}}) 2.85997803s ago: executing program 1 (id=65): ioctl$TIOCSWINSZ(0xffffffffffffffff, 0x5414, &(0x7f0000000000)={0xf71, 0xfc5d, 0x2, 0x7}) r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./bus\x00', 0x40, 0x0) ioctl$PIO_UNIMAP(r0, 0x4b67, &(0x7f0000000300)={0x2, &(0x7f0000000280)=[{0x3f18, 0x8}, {0x0, 0x101}]}) (async) mount(&(0x7f0000000180)=@nullb, &(0x7f0000000080)='./bus\x00', &(0x7f00000000c0)='reiserfs\x00', 0x0, &(0x7f0000000100)='&@,,') (async) ioctl$DRM_IOCTL_GET_CLIENT(r0, 0xc0186405, &(0x7f0000000040)={0x2, 0x3, {0x0}, {0xffffffffffffffff}, 0x636c, 0x9}) (async, rerun: 32) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async, rerun: 32) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x9, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000180)=0x400000bce) (async) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async) sched_setscheduler(0x0, 0x1, &(0x7f0000000340)=0x7) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) (async, rerun: 64) ioctl$SNDRV_CTL_IOCTL_ELEM_ADD(0xffffffffffffffff, 0xc1105517, 0x0) (rerun: 64) r3 = syz_open_procfs(0x0, &(0x7f0000000200)='net/route\x00') read$msr(r3, &(0x7f0000000040)=""/59, 0xffb5) preadv(r3, &(0x7f0000000240)=[{&(0x7f0000000000)=""/31, 0x1f}], 0x1, 0x0, 0x8) (async, rerun: 64) socket$netlink(0x10, 0x3, 0x9) (rerun: 64) read$msr(r3, &(0x7f0000000080)=""/202, 0xca) (async) pipe(&(0x7f00000002c0)={0xffffffffffffffff}) r5 = socket$inet_udp(0x2, 0x2, 0x0) socketpair$unix(0x1, 0x5, 0x0, 0x0) splice(r4, 0x0, r5, 0x0, 0x4ffe6, 0x0) unshare(0x68060280) sched_setaffinity(r1, 0x8, &(0x7f0000000140)=0x1000) (async) fcntl$dupfd(0xffffffffffffffff, 0x0, 0xffffffffffffffff) 2.859679121s ago: executing program 1 (id=66): mkdir(&(0x7f0000000440)='./file0\x00', 0x0) openat(0xffffffffffffff9c, &(0x7f0000004280)='./file0\x00', 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) userfaultfd(0x80001) userfaultfd(0x1) r0 = openat$uinput(0xffffffffffffff9c, &(0x7f0000000000), 0x2, 0x0) write$uinput_user_dev(r0, &(0x7f00000005c0)={'syz0\x00', {}, 0x0, [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1000, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x6, 0x6], [0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c) r1 = dup(r0) r2 = epoll_create1(0x0) mount$9p_fd(0x0, &(0x7f0000000000)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000800)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESDEC=r2, @ANYBLOB=',wfdno=', @ANYRESHEX=r2]) ioctl$UI_DEV_CREATE(r1, 0x5501) write$uinput_user_dev(r1, &(0x7f0000000a40)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1f000000], [], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000]}, 0x45c) 2.729865154s ago: executing program 1 (id=70): bpf$PROG_LOAD(0x5, &(0x7f0000000640)={0x19, 0x4, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000710000000000000000000000611214000000000095"], &(0x7f0000000600)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_sockopt=0x15, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 2.729649564s ago: executing program 1 (id=71): r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f00000035c0)={0x0, 0x0, &(0x7f0000003580)={&(0x7f0000004980)=@newsa={0x138, 0x10, 0x1, 0x0, 0x25dfdbff, {{@in=@initdev={0xac, 0x1e, 0x1, 0x0}, @in6=@local, 0x0, 0x0, 0x2000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff}, {@in6=@local, 0x0, 0x6c}, @in6=@remote, {0x0, 0x0, 0x0, 0x791, 0x0, 0x0, 0x1000000000000000}, {0x0, 0x1}, {}, 0x0, 0x3507, 0xa, 0x1, 0x6}, [@algo_comp={0x48, 0x3, {{'lzs\x00'}}}]}, 0x138}}, 0x20000000) syz_clone3(&(0x7f0000000240)={0x804200, &(0x7f0000000000), &(0x7f0000000040), &(0x7f0000000080)=0x0, {0x12}, &(0x7f00000000c0)=""/69, 0x45, &(0x7f0000000140)=""/133, &(0x7f0000000200)=[0xffffffffffffffff, 0x0], 0x2}, 0x58) sched_setscheduler(r1, 0x5, &(0x7f00000002c0)=0x81) 2.629746994s ago: executing program 1 (id=72): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_SPLIT(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x44, 0x0, 0x0, 0x0, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}}]}, 0x44}}, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)={0x28, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)={0x24, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="fb64a10200000047191f2b4d927966641d", @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) read$FUSE(r1, &(0x7f0000006840)={0x2020}, 0x2020) 1.912265885s ago: executing program 2 (id=75): syz_open_dev$evdev(&(0x7f0000000240), 0x0, 0x0) r0 = socket$inet_smc(0x2b, 0x1, 0x0) syz_emit_ethernet(0x16e, 0x0, 0x0) setsockopt$IPT_SO_SET_REPLACE(r0, 0x4000000000000, 0x40, &(0x7f0000000500)=@raw={'raw\x00', 0x4001, 0x3, 0x204, 0x0, 0x0, 0x148, 0xdc, 0x148, 0x170, 0x240, 0x240, 0x170, 0x240, 0x7fffffe, 0x0, {[{{@uncond, 0x0, 0x94, 0xdc, 0x0, {0x78010000}, [@inet=@rpfilter={{0x24}, {0x4}}]}, @common=@inet=@TEE={0x48, 'TEE\x00', 0x1, {@ipv4=@broadcast, 'veth0_macvtap\x00', {0x7}}}}, {{@uncond, 0x0, 0x70, 0x94}, @common=@unspec=@STANDARD={0x24, '\x00', 0x0, 0xfffffffffffffffc}}], {{'\x00', 0x0, 0x70, 0x94}, {0x24}}}}, 0x260) 1.839598582s ago: executing program 2 (id=77): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NFC_CMD_GET_TARGET(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)={0x14, 0x0, 0x10}, 0x14}}, 0x0) r1 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nfc(&(0x7f0000000100), r1) r2 = socket$inet6_udp(0xa, 0x2, 0x0) r3 = socket$inet_tcp(0x2, 0x1, 0x0) setsockopt$ARPT_SO_SET_REPLACE(r3, 0x0, 0x60, &(0x7f0000000440)={'filter\x00', 0x104, 0x4, 0x3e8, 0x200, 0x200, 0x0, 0x300, 0x300, 0x300, 0x4, 0x0, {[{{@arp={@remote, @broadcast, 0x0, 0x0, 0x0, 0x0, {@mac=@link_local={0x2, 0x80, 0xc2, 0x7}}, {@mac=@link_local}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'pimreg\x00', 'erspan0\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00', 0x0, 0x4}}}, {{@uncond, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}, {{@arp={@multicast1, @initdev={0xac, 0x1e, 0x0, 0x0}, 0x0, 0x0, 0x0, 0x0, {@mac=@remote}, {}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 'netdevsim0\x00', 'pim6reg\x00'}, 0xc0, 0x100}, @unspec=@RATEEST={0x40, 'RATEEST\x00', 0x0, {'syz1\x00'}}}], {{'\x00', 0xc0, 0xe8}, {0x28}}}}, 0x438) connect$inet(r3, &(0x7f0000000140)={0x2, 0x4e24, @multicast2}, 0x10) read$FUSE(0xffffffffffffffff, &(0x7f0000000740)={0x2020, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x2020) prlimit64(r4, 0xd, &(0x7f0000000000)={0x10, 0x7}, 0x0) r5 = io_uring_setup(0x67bb, &(0x7f00000000c0)={0x0, 0x0, 0x1}) io_uring_enter(r5, 0x0, 0xf2fb, 0xf, 0x0, 0x0) ioctl$sock_SIOCETHTOOL(r2, 0x8946, &(0x7f00000002c0)={'veth0_to_hsr\x00', &(0x7f0000000280)=@ethtool_channels={0x3d, 0x0, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x1}}) r6 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TIOCNOTTY(r6, 0x5422) r7 = syz_genetlink_get_family_id$nl802154(&(0x7f0000000300), r0) r8 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL802154_CMD_NEW_INTERFACE(r8, &(0x7f0000000480)={0x0, 0x0, &(0x7f00000006c0)={&(0x7f00000001c0)=ANY=[@ANYBLOB="1cfcc3b1e1fb195afb77d2e80a27e4000000", @ANYRES16=r7, @ANYBLOB="1e000000000f000000ab00010000010000000000b9df50d6324bf39c5b425c137b2d641b111d6529ba6f51ad2bc59cec3ffbfd2f6e7bd45809dc2f53cbe67c4d42fc"], 0x1c}, 0x1, 0x0, 0x0, 0x8050}, 0x0) 1.837224586s ago: executing program 2 (id=79): bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x2, 0x3, &(0x7f00000002c0)=@framed={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xf0}}, &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x12, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) 1.824697302s ago: executing program 0 (id=80): sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) (async, rerun: 64) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) (rerun: 64) r1 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000000), 0x88002, 0x0) pwritev(r1, &(0x7f00000000c0)=[{0x0}, {&(0x7f0000000140)="de", 0x1}], 0x2, 0x0, 0x0) (async) setsockopt$MRT_DEL_VIF(r1, 0x0, 0xcb, &(0x7f0000000240)={0x0, 0x0, 0xf9, 0x3, @vifc_lcl_addr=@remote, @private=0xa010100}, 0x10) (async, rerun: 32) socket$inet_udp(0x2, 0x2, 0x0) (async, rerun: 32) stat(&(0x7f0000000380)='./file0\x00', &(0x7f0000000640)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) fsetxattr$security_capability(0xffffffffffffffff, &(0x7f0000000480), &(0x7f0000000500)=@v3={0x3000000, [{0x4, 0x5e}, {0x1, 0xffffffff}], r2}, 0x18, 0x0) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c0000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x1, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r5 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f00000000c0)='sys_enter\x00', r4}, 0x10) (async) socket$nl_generic(0x10, 0x3, 0x10) sendmsg$NL80211_CMD_TESTMODE(0xffffffffffffffff, 0x0, 0x0) (async, rerun: 64) rt_sigprocmask(0x0, &(0x7f0000000000)={[0xfffffffffffffffd]}, 0x0, 0x8) (async, rerun: 64) epoll_create1(0x0) (async) ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, 0x0) (async) r6 = getpid() r7 = openat$dlm_monitor(0xffffff9c, &(0x7f0000000040), 0x4000, 0x0) ioctl$UFFDIO_ZEROPAGE(r7, 0xc020aa04, &(0x7f0000000180)={{&(0x7f0000ffe000/0x1000)=nil, 0x1000}}) r8 = gettid() fsmount(r7, 0x0, 0x80) (async) rt_tgsigqueueinfo(r6, r8, 0x11, &(0x7f0000000080)={0x0, 0x0, 0x1}) (async, rerun: 32) r9 = socket$nl_route(0x10, 0x3, 0x0) (rerun: 32) sendmsg$nl_route(r9, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000004c0)=ANY=[@ANYBLOB="3400000011000100000000000020000000000000", @ANYRES32=0x0, @ANYBLOB="0000000000000000140003006d61637365633000000004bd00000000"], 0x34}}, 0x0) (async) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000440)={&(0x7f0000000300)=ANY=[@ANYRESOCT=r5, @ANYRESHEX=r3], 0x0, 0xca, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x28) syz_open_dev$midi(&(0x7f0000000000), 0x2, 0x0) (async) ioctl$SNDRV_RAWMIDI_IOCTL_INFO(0xffffffffffffffff, 0x810c5701, 0x0) rt_sigtimedwait(&(0x7f0000000340)={[0x7fffffff]}, &(0x7f0000000380), 0x0, 0x8) (async) setsockopt$inet_sctp6_SCTP_I_WANT_MAPPED_V4_ADDR(0xffffffffffffffff, 0x84, 0xc, 0x0, 0x0) 1.739520343s ago: executing program 2 (id=81): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x2}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) r4 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0) ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, &(0x7f0000003040)={0x0, "f4e1a230be8f46463fb1a5f1b44f44eaa65e485b747aa95df8c01eaf07677d18bc"}}) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000005c0)={0xb, {'syz1\x00', 'syz1\x00', 'syz0\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "80"}}, 0x119) ioctl$LOOP_SET_CAPACITY(r3, 0x4c07) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_FILTER(r5, 0x0, 0x2, &(0x7f0000000440)={0xfffa, [0x0, 0xffffffff], 0x1000}, 0x10) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r6, 0x400455c8, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) socket$packet(0x11, 0x2, 0x300) syz_init_net_socket$rose(0xb, 0x5, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) mq_open(0x0, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x80000000001}) r7 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000200)={r7, r7, r7}, &(0x7f0000000040)=""/217, 0xd9, &(0x7f00000001c0)={&(0x7f0000000140)={'sha384-avx\x00'}}) 1.339297685s ago: executing program 1 (id=82): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, &(0x7f0000000340)=[{0x0, 0x1, 0xa, 0xb}, {0x5, 0x2, 0x13, 0x2}], 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r3 = syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) r4 = syz_open_dev$I2C(&(0x7f0000003000), 0x0, 0x0) ioctl$I2C_SMBUS(r4, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, &(0x7f0000003040)={0x0, "f4e1a230be8f46463fb1a5f1b44f44eaa65e485b747aa95df8c01eaf07677d18bc"}}) write$UHID_CREATE2(0xffffffffffffffff, &(0x7f00000005c0)={0xb, {'syz1\x00', 'syz1\x00', 'syz0\x00', 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, "80"}}, 0x119) ioctl$LOOP_SET_CAPACITY(r3, 0x4c07) r5 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$bt_hci_HCI_FILTER(r5, 0x0, 0x2, &(0x7f0000000440)={0xfffa, [0x0, 0xffffffff], 0x1000}, 0x10) r6 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r6, 0x5423, &(0x7f00000000c0)=0xf) ioctl$TCFLSH(r6, 0x400455c8, 0x0) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) socket$packet(0x11, 0x2, 0x300) syz_init_net_socket$rose(0xb, 0x5, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) mq_open(0x0, 0x0, 0x0, &(0x7f0000000180)={0x0, 0x80000000001}) r7 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0xc9, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000200)={r7, r7, r7}, &(0x7f0000000040)=""/217, 0xd9, &(0x7f00000001c0)={&(0x7f0000000140)={'sha384-avx\x00'}}) 859.696397ms ago: executing program 3 (id=85): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f00000015c0), 0x2, 0x0) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) (async) ioctl$VHOST_SET_VRING_BASE(r0, 0xaf01, 0x0) setsockopt$SO_TIMESTAMPING(0xffffffffffffffff, 0x1, 0x41, &(0x7f0000000040)=0x1df67, 0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000000000000000002004000b7080000000000007b8af8ff00000000b7080000000200007b8af0ff00000000bfa100000000000007010000f8ffffffbfa400000000000007040000f0ffffffb7020000080000001823", @ANYBLOB="0000000000000000b70500000800000085000000a50000009500000000000000"], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000200)={0x8, 0x4}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x4, 0x7fff, 0x6}, 0x10, 0x0, 0x0, 0x4, 0x0, &(0x7f0000000340)=[{0x0, 0x3, 0xa, 0xb}, {0x2, 0x2, 0xf, 0x7}, {0x5, 0x2, 0x13, 0x2}, {0x5, 0x1, 0x5, 0x9}], 0x10, 0x35, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0) (async) r1 = syz_clone(0x800c000, &(0x7f0000001480), 0x0, 0x0, 0x0, 0x0) kcmp(r1, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) (async) kcmp(r1, 0x0, 0x2, 0xffffffffffffffff, 0xffffffffffffffff) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) (async) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) (async) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) (async) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, 0x0) socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)) (async) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = socket$nl_route(0x10, 0x3, 0x0) r7 = syz_io_uring_setup(0x10d, &(0x7f0000000580)={0x0, 0x40001, 0x1, 0x2, 0x30f, 0x0, r6}, &(0x7f0000000380)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) (async) syz_memcpy_off$IO_URING_METADATA_GENERIC(r8, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r8, r9, &(0x7f00000002c0)=@IORING_OP_ACCEPT={0xd, 0x0, 0x0, r5, &(0x7f00000004c0)}) creat(&(0x7f0000000040)='./file0\x00', 0x0) r10 = socket(0x2000000015, 0x80005, 0x0) bind$inet6(r10, &(0x7f0000000180)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r10, 0x0, 0x0, 0x0, &(0x7f00000000c0)={0xa, 0x0, 0x0, @loopback}, 0x1c) io_uring_enter(r7, 0x3f70, 0x0, 0x0, 0x0, 0x0) 229.747547ms ago: executing program 3 (id=86): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f000000c2c0)={0x0, 0xfffffffffffffe01, &(0x7f0000000200)={&(0x7f0000000340)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000140000000a78000000060a0b0400000000000000000200000038000480340001800b00010074617267657400002400028010000100434f4e4e5345434d41524b0005000300ef00000008000240000000000900010073797a30000000000900020073797a3200000000140005800800024000000000080001400080"], 0xa0}}, 0x0) 228.735611ms ago: executing program 3 (id=87): r0 = socket$kcm(0x10, 0x3, 0x0) sendmsg$kcm(r0, &(0x7f0000000600)={0x0, 0x6c00, &(0x7f0000000040)=[{&(0x7f0000000000)="2e00000010008188e6b62aa73f72cc9f0ba1f848140000005e140602006800000e000a0010000000028000001294", 0x2e}], 0x1}, 0x0) 139.72984ms ago: executing program 3 (id=88): r0 = socket$inet6(0xa, 0x9c25d491fc7d71d1, 0xfffffffe) connect$inet6(r0, &(0x7f0000000080)={0xa, 0x0, 0x0, @loopback}, 0x1c) r1 = openat$ttynull(0xffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCCONS(r1, 0x541d) close(r0) 59.860736ms ago: executing program 3 (id=89): bpf$MAP_CREATE(0x100000000000000, &(0x7f0000000140)=@base={0xa, 0x16, 0xb4, 0x7f, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000040)={0x11, 0x4, &(0x7f0000000680)=@framed={{0x18, 0x8}, [@exit]}, &(0x7f0000000000)='GPL\x00', 0x4, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x3000000, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) 0s ago: executing program 3 (id=90): socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$devlink(&(0x7f0000000580), 0xffffffffffffffff) sendmsg$DEVLINK_CMD_PORT_SPLIT(0xffffffffffffffff, &(0x7f0000000680)={0x0, 0x0, &(0x7f0000000640)={&(0x7f00000005c0)={0x44, 0x0, 0x0, 0x0, 0x0, {}, [{{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0x8}}, {0x8}}]}, 0x44}}, 0x0) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x2, @pix_mp={0x0, 0x0, 0x34324152, 0x0, 0xa, [{}, {0x10}]}}) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sendmsg$nl_route(0xffffffffffffffff, 0x0, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r1 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000180), 0x42, 0x0) syz_80211_inject_frame(0x0, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r2, 0x8933, &(0x7f00000000c0)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r2, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)={0x24, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) sendmsg$NL80211_CMD_CONNECT(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000a00)={0x28, r3, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r4}, @void}}, [@NL80211_ATTR_SSID={0xa, 0x34, @default_ap_ssid}]}, 0x28}}, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xa, 0x2, 0xfff, 0x7, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b70400000000000085000000c300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000f40)={&(0x7f0000000f00)='kfree\x00'}, 0x10) r6 = socket$nl_generic(0x10, 0x3, 0x10) r7 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000700)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r6, &(0x7f0000000340)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000bc0)={0x24, r7, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r8}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x9}]}, 0x24}}, 0x0) mount$fuse(0x0, 0x0, &(0x7f0000002100), 0x0, &(0x7f0000000380)=ANY=[@ANYBLOB="fb64a10200000047191f2b4d927966641d", @ANYRESHEX=r1, @ANYBLOB=',rootmode=00000000000000000040000,user_i', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0, @ANYBLOB=',\x00']) read$FUSE(r1, &(0x7f0000006840)={0x2020}, 0x2020) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:13141' (ED25519) to the list of known hosts. [ 34.004511][ T5324] cgroup: Unknown subsys name 'net' [ 34.152722][ T5324] cgroup: Unknown subsys name 'cpuset' [ 34.155870][ T5324] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 35.109896][ T5324] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 37.035328][ T5345] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 37.042525][ T5341] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 37.046933][ T5341] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 37.049714][ T5341] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 37.051298][ T5347] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 37.054525][ T5350] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 37.054933][ T5347] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 37.056544][ T5350] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 37.058903][ T5347] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 37.060832][ T5350] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 37.062441][ T5347] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 37.065609][ T5350] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 37.066347][ T5347] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 37.068428][ T5350] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 37.071928][ T5341] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 37.072938][ T5350] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 37.074921][ T5341] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 37.078403][ T5350] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 37.079317][ T5341] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 37.083194][ T5350] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 37.091035][ T5341] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 37.091777][ T64] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 37.099855][ T5341] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 37.101988][ T5341] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 37.251481][ T5343] chnl_net:caif_netlink_parms(): no params data found [ 37.292867][ T5339] chnl_net:caif_netlink_parms(): no params data found [ 37.379098][ T5346] chnl_net:caif_netlink_parms(): no params data found [ 37.435191][ T5343] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.437339][ T5343] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.439297][ T5343] bridge_slave_0: entered allmulticast mode [ 37.441567][ T5343] bridge_slave_0: entered promiscuous mode [ 37.457131][ T5343] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.459074][ T5343] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.461766][ T5343] bridge_slave_1: entered allmulticast mode [ 37.463869][ T5343] bridge_slave_1: entered promiscuous mode [ 37.517641][ T5352] chnl_net:caif_netlink_parms(): no params data found [ 37.530008][ T5343] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.532781][ T5339] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.534612][ T5339] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.536454][ T5339] bridge_slave_0: entered allmulticast mode [ 37.538341][ T5339] bridge_slave_0: entered promiscuous mode [ 37.553396][ T5343] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 37.562971][ T5339] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.564835][ T5339] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.566689][ T5339] bridge_slave_1: entered allmulticast mode [ 37.568648][ T5339] bridge_slave_1: entered promiscuous mode [ 37.618341][ T5346] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.620373][ T5346] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.622227][ T5346] bridge_slave_0: entered allmulticast mode [ 37.624215][ T5346] bridge_slave_0: entered promiscuous mode [ 37.643202][ T5343] team0: Port device team_slave_0 added [ 37.646857][ T5339] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.652446][ T5339] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 37.655581][ T5346] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.658144][ T5346] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.661862][ T5346] bridge_slave_1: entered allmulticast mode [ 37.664223][ T5346] bridge_slave_1: entered promiscuous mode [ 37.694706][ T5343] team0: Port device team_slave_1 added [ 37.729305][ T5346] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.732983][ T5352] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.734815][ T5352] bridge0: port 1(bridge_slave_0) entered disabled state [ 37.736685][ T5352] bridge_slave_0: entered allmulticast mode [ 37.739043][ T5352] bridge_slave_0: entered promiscuous mode [ 37.753598][ T5343] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 37.755422][ T5343] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.762004][ T5343] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 37.774863][ T5346] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 37.786764][ T5352] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.788791][ T5352] bridge0: port 2(bridge_slave_1) entered disabled state [ 37.791320][ T5352] bridge_slave_1: entered allmulticast mode [ 37.794253][ T5352] bridge_slave_1: entered promiscuous mode [ 37.797282][ T5343] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 37.799115][ T5343] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.806396][ T5343] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 37.811253][ T5339] team0: Port device team_slave_0 added [ 37.849660][ T5339] team0: Port device team_slave_1 added [ 37.862190][ T5346] team0: Port device team_slave_0 added [ 37.864890][ T5346] team0: Port device team_slave_1 added [ 37.875623][ T5352] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.886002][ T5339] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 37.887838][ T5339] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.894655][ T5339] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 37.916579][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 37.918423][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.925218][ T5346] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 37.929639][ T5352] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 37.932456][ T5339] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 37.934286][ T5339] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.941309][ T5339] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 37.953769][ T5343] hsr_slave_0: entered promiscuous mode [ 37.955756][ T5343] hsr_slave_1: entered promiscuous mode [ 37.958346][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 37.960597][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.967250][ T5346] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 37.989458][ T5352] team0: Port device team_slave_0 added [ 38.012276][ T5352] team0: Port device team_slave_1 added [ 38.056393][ T5339] hsr_slave_0: entered promiscuous mode [ 38.058304][ T5339] hsr_slave_1: entered promiscuous mode [ 38.060032][ T5339] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.063308][ T5339] Cannot create hsr debugfs directory [ 38.065192][ T5352] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.067128][ T5352] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.074243][ T5352] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.078885][ T5346] hsr_slave_0: entered promiscuous mode [ 38.081810][ T5346] hsr_slave_1: entered promiscuous mode [ 38.083561][ T5346] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.085512][ T5346] Cannot create hsr debugfs directory [ 38.091070][ T5352] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.093560][ T5352] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.104398][ T5352] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.192909][ T5352] hsr_slave_0: entered promiscuous mode [ 38.195279][ T5352] hsr_slave_1: entered promiscuous mode [ 38.197038][ T5352] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.198991][ T5352] Cannot create hsr debugfs directory [ 38.370973][ T5343] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 38.375907][ T5343] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 38.379258][ T5343] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 38.382423][ T5343] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 38.399865][ T5346] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 38.403708][ T5346] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 38.407112][ T5346] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 38.410281][ T5346] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 38.429072][ T5352] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 38.433730][ T5352] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 38.436989][ T5352] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 38.439925][ T5352] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 38.467430][ T5339] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 38.470899][ T5339] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 38.474535][ T5339] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 38.477385][ T5339] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 38.500256][ T5346] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.515533][ T5346] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.525017][ T5343] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.532650][ T1178] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.534626][ T1178] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.543097][ T1178] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.544974][ T1178] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.549974][ T5343] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.561603][ T1104] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.563486][ T1104] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.566046][ T1104] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.567886][ T1104] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.583415][ T5352] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.593356][ T5346] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 38.612877][ T5352] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.620629][ T5339] 8021q: adding VLAN 0 to HW filter on device bond0 [ 38.623498][ T1104] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.625564][ T1104] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.644807][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.646720][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.649904][ T5339] 8021q: adding VLAN 0 to HW filter on device team0 [ 38.668595][ T76] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.670525][ T76] bridge0: port 1(bridge_slave_0) entered forwarding state [ 38.674135][ T76] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.675979][ T76] bridge0: port 2(bridge_slave_1) entered forwarding state [ 38.696713][ T5343] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 38.707475][ T5346] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 38.728919][ T5343] veth0_vlan: entered promiscuous mode [ 38.742105][ T5343] veth1_vlan: entered promiscuous mode [ 38.751482][ T5346] veth0_vlan: entered promiscuous mode [ 38.758669][ T5346] veth1_vlan: entered promiscuous mode [ 38.763236][ T5352] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 38.769066][ T5343] veth0_macvtap: entered promiscuous mode [ 38.773919][ T5343] veth1_macvtap: entered promiscuous mode [ 38.785179][ T5346] veth0_macvtap: entered promiscuous mode [ 38.788991][ T5343] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 38.793404][ T5343] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 38.796450][ T5346] veth1_macvtap: entered promiscuous mode [ 38.802465][ T5343] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.804831][ T5343] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.807076][ T5343] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.809328][ T5343] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.827934][ T5352] veth0_vlan: entered promiscuous mode [ 38.830637][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 38.833419][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.836484][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 38.842368][ T5339] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 38.851476][ T5352] veth1_vlan: entered promiscuous mode [ 38.854240][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 38.856995][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.860096][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 38.870392][ T5346] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.872729][ T5346] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.875004][ T5346] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.877273][ T5346] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.891949][ T1093] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.894064][ T1093] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.918325][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.920747][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.920757][ T5352] veth0_macvtap: entered promiscuous mode [ 38.932444][ T5339] veth0_vlan: entered promiscuous mode [ 38.937578][ T5352] veth1_macvtap: entered promiscuous mode [ 38.943745][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.945788][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.949411][ T5339] veth1_vlan: entered promiscuous mode [ 38.955060][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 38.957859][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.961298][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 38.964390][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.968454][ T5352] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 38.969738][ T5343] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 38.977480][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.979552][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.986449][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 38.989857][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.993396][ T5352] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 38.996400][ T5352] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.000537][ T5352] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.007045][ T5339] veth0_macvtap: entered promiscuous mode [ 39.011539][ T5352] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.013845][ T5352] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.016196][ T5352] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.018787][ T5352] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.023863][ T5339] veth1_macvtap: entered promiscuous mode [ 39.037618][ T5339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.045458][ T5339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.048295][ T5339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.052339][ T5339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.055644][ T5339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.059273][ T5339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.064472][ T5339] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.074272][ T5339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.076997][ T5339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.079497][ T5339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.084381][ T5339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.086904][ T5339] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.089563][ T5339] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.093167][ T5339] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.103171][ T5339] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.105465][ T5339] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.108044][ T5339] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.110552][ T5339] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.141978][ T1093] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.144053][ T1093] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.161733][ T5347] Bluetooth: hci3: command tx timeout [ 39.163049][ T1097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.163458][ T5347] Bluetooth: hci1: command tx timeout [ 39.165377][ T1097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.168826][ T5347] Bluetooth: hci2: command tx timeout [ 39.171079][ T5347] Bluetooth: hci0: command tx timeout [ 39.199583][ T1093] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.221480][ T76] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.223428][ T1093] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.225782][ T76] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.402684][ T5408] overlayfs: failed to resolve './file1': -2 [ 39.411011][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 39.559637][ T5404] fuse: Unknown parameter 'ūd”' [ 39.889709][ T68] Bluetooth: hci4: Frame reassembly failed (-84) [ 39.964221][ T5400] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 40.010754][ T5381] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 40.166657][ T5381] usb 6-1: config 1 contains an unexpected descriptor of type 0x1, skipping [ 40.170675][ T5381] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 40.174335][ T5381] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 40.176965][ T5381] usb 6-1: config 1 interface 0 altsetting 0 has 0 endpoint descriptors, different from the interface descriptor's value: 1 [ 40.184624][ T5381] usb 6-1: New USB device found, idVendor=0525, idProduct=a402, bcdDevice= 0.40 [ 40.187774][ T5381] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 40.190122][ T5381] usb 6-1: Product: syz [ 40.191608][ T5381] usb 6-1: Manufacturer: syz [ 40.193121][ T5381] usb 6-1: SerialNumber: syz [ 40.204348][ T5381] cdc_ncm 6-1:1.0: skipping garbage [ 40.206290][ T5381] cdc_ncm 6-1:1.0: skipping garbage [ 40.207977][ T5381] cdc_ncm 6-1:1.0: invalid descriptor buffer length [ 40.211655][ T5381] cdc_ncm 6-1:1.0: CDC Union missing and no IAD found [ 40.217695][ T5381] cdc_ncm 6-1:1.0: bind() failure [ 40.237884][ T1097] Bluetooth: hci5: Frame reassembly failed (-84) [ 40.243896][ T1097] Bluetooth: hci5: Frame reassembly failed (-84) [ 40.265558][ T1097] Bluetooth: hci5: Frame reassembly failed (-84) [ 40.432921][ T5420] input: syz0 as /devices/virtual/input/input5 [ 40.639993][ T8] usb 6-1: USB disconnect, device number 2 [ 40.759815][ T1104] Bluetooth: hci6: Frame reassembly failed (-84) [ 40.765869][ T1104] Bluetooth: hci6: Frame reassembly failed (-84) [ 41.241123][ T64] Bluetooth: hci0: command tx timeout [ 41.241802][ T5350] Bluetooth: hci2: command tx timeout [ 41.242892][ T5345] Bluetooth: hci1: command tx timeout [ 41.243349][ T5354] Bluetooth: hci3: command tx timeout [ 41.335705][ T5435] fuse: Unknown parameter 'ūd”' [ 41.883386][ T5433] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 41.961643][ T5345] Bluetooth: hci4: command 0x1003 tx timeout [ 41.964333][ T5341] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 42.280309][ T5347] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 42.293835][ T1178] Bluetooth: hci4: Frame reassembly failed (-84) [ 42.491771][ T5442] netlink: 'syz.2.12': attribute type 3 has an invalid length. [ 42.493878][ T5442] netlink: 'syz.2.12': attribute type 3 has an invalid length. [ 42.512346][ T5442] netlink: 'syz.2.12': attribute type 3 has an invalid length. [ 42.514394][ T5442] netlink: 'syz.2.12': attribute type 3 has an invalid length. [ 42.540997][ T5442] netlink: 'syz.2.12': attribute type 3 has an invalid length. [ 42.543006][ T5442] netlink: 'syz.2.12': attribute type 3 has an invalid length. [ 42.770320][ T4786] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 42.772147][ T64] Bluetooth: hci6: command 0x1003 tx timeout [ 43.157965][ T12] Bluetooth: hci5: Frame reassembly failed (-84) [ 43.160139][ T1097] Bluetooth: hci6: Frame reassembly failed (-84) [ 43.320332][ T5341] Bluetooth: hci2: command tx timeout [ 43.320371][ T5345] Bluetooth: hci0: command tx timeout [ 43.321774][ T5350] Bluetooth: hci1: command tx timeout [ 43.331231][ T5345] Bluetooth: hci3: command tx timeout [ 43.747993][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 43.820296][ T0] NOHZ tick-stop error: local softirq work is pending, handler #80!!! [ 44.361068][ T5345] Bluetooth: hci4: command 0x1003 tx timeout [ 44.361534][ T5347] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 44.377413][ T5468] netlink: 4 bytes leftover after parsing attributes in process `syz.2.17'. [ 44.437963][ T5470] fuse: Bad value for 'fd' [ 44.552375][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 44.554706][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 44.840716][ T0] NOHZ tick-stop error: local softirq work is pending, handler #48!!! [ 44.874025][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 45.160914][ T64] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 45.160957][ T4786] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 45.164343][ T4786] Bluetooth: hci6: command 0x1003 tx timeout [ 45.400573][ T5347] Bluetooth: hci3: command tx timeout [ 45.400638][ T64] Bluetooth: hci2: command tx timeout [ 45.400663][ T4786] Bluetooth: hci0: command tx timeout [ 45.400689][ T4786] Bluetooth: hci1: command tx timeout [ 45.706445][ T12] Bluetooth: hci4: Frame reassembly failed (-84) [ 45.706561][ T1097] Bluetooth: hci5: Frame reassembly failed (-84) [ 45.709868][ T12] Bluetooth: hci6: Frame reassembly failed (-84) [ 47.720769][ T5341] Bluetooth: hci5: command 0x1003 tx timeout [ 47.723045][ T5341] Bluetooth: hci4: command 0x1003 tx timeout [ 47.723327][ T64] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 47.724766][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 47.724805][ T5341] Bluetooth: hci6: command 0x1003 tx timeout [ 47.725473][ T5347] Bluetooth: hci6: Opcode 0x1003 failed: -110 [ 47.802323][ T5509] fuse: Bad value for 'fd' [ 47.865404][ T5512] netlink: 4 bytes leftover after parsing attributes in process `syz.0.26'. [ 47.960300][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 47.962834][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 47.972848][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.104630][ T5529] fuse: Unknown parameter 'ūd”' [ 48.861346][ T1097] Bluetooth: hci4: Frame reassembly failed (-84) [ 48.953683][ T5515] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 49.642913][ T5541] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 49.700714][ T68] Bluetooth: hci5: Frame reassembly failed (-84) [ 50.297713][ T5555] syz.1.40 uses obsolete (PF_INET,SOCK_PACKET) [ 50.760282][ T5345] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 50.862039][ T5573] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 50.872355][ T5573] netlink: 8 bytes leftover after parsing attributes in process `syz.0.46'. [ 50.876711][ T5573] xfrm1: entered allmulticast mode [ 51.425493][ T5575] netlink: 'syz.0.48': attribute type 3 has an invalid length. [ 51.428537][ T5575] netlink: 'syz.0.48': attribute type 3 has an invalid length. [ 51.443142][ T5575] netlink: 'syz.0.48': attribute type 3 has an invalid length. [ 51.445629][ T5575] netlink: 'syz.0.48': attribute type 3 has an invalid length. [ 51.479007][ T5575] netlink: 'syz.0.48': attribute type 3 has an invalid length. [ 51.482323][ T5575] netlink: 'syz.0.48': attribute type 3 has an invalid length. [ 51.538230][ T5583] netdevsim netdevsim0 netdevsim0: entered promiscuous mode [ 51.547380][ T5583] netdevsim netdevsim0 netdevsim0: left promiscuous mode [ 51.570229][ T5584] input: syz0 as /devices/virtual/input/input6 [ 51.720296][ T5345] Bluetooth: hci5: command 0x1003 tx timeout [ 51.720345][ T64] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 51.897668][ T5590] netlink: 8 bytes leftover after parsing attributes in process `syz.0.51'. [ 51.903090][ T5590] netlink: 36 bytes leftover after parsing attributes in process `syz.0.51'. [ 51.934903][ T5590] vlan2: entered allmulticast mode [ 51.940329][ T5590] syz_tun: entered allmulticast mode [ 52.272247][ T5599] netdevsim netdevsim3 netdevsim0: set [1, 1] type 2 family 0 port 20000 - 0 [ 52.274670][ T5599] netdevsim netdevsim3 netdevsim1: set [1, 1] type 2 family 0 port 20000 - 0 [ 52.276974][ T5599] netdevsim netdevsim3 netdevsim2: set [1, 1] type 2 family 0 port 20000 - 0 [ 52.279514][ T5599] netdevsim netdevsim3 netdevsim3: set [1, 1] type 2 family 0 port 20000 - 0 [ 52.287306][ T5599] netdevsim netdevsim3 netdevsim0: unset [1, 1] type 2 family 0 port 20000 - 0 [ 52.290135][ T5599] netdevsim netdevsim3 netdevsim1: unset [1, 1] type 2 family 0 port 20000 - 0 [ 52.293167][ T5599] netdevsim netdevsim3 netdevsim2: unset [1, 1] type 2 family 0 port 20000 - 0 [ 52.296793][ T5599] netdevsim netdevsim3 netdevsim3: unset [1, 1] type 2 family 0 port 20000 - 0 [ 52.301669][ T5599] geneve2: entered promiscuous mode [ 52.303172][ T5599] geneve2: entered allmulticast mode [ 53.930078][ T5614] Driver unsupported XDP return value 0 on prog (id 12) dev N/A, expect packet loss! [ 54.577718][ T1178] Bluetooth: hci4: Frame reassembly failed (-84) [ 54.582077][ T76] Bluetooth: hci5: Frame reassembly failed (-84) [ 54.970118][ T5622] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 55.508383][ T5635] FAULT_INJECTION: forcing a failure. [ 55.508383][ T5635] name failslab, interval 1, probability 0, space 0, times 1 [ 55.512665][ T5635] CPU: 1 UID: 0 PID: 5635 Comm: syz.3.62 Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 [ 55.515441][ T5635] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 55.518238][ T5635] Call Trace: [ 55.519108][ T5635] [ 55.519912][ T5635] dump_stack_lvl+0x16c/0x1f0 [ 55.521168][ T5635] should_fail_ex+0x497/0x5b0 [ 55.522411][ T5635] ? fs_reclaim_acquire+0xae/0x150 [ 55.523749][ T5635] should_failslab+0xc2/0x120 [ 55.525009][ T5635] __kmalloc_noprof+0xcb/0x410 [ 55.526273][ T5635] ieee80211_assign_beacon+0x3b3/0x1d80 [ 55.527728][ T5635] ? genl_rcv_msg+0x565/0x800 [ 55.528980][ T5635] ? netlink_rcv_skb+0x165/0x410 [ 55.530312][ T5635] ? netlink_unicast+0x53c/0x7f0 [ 55.531839][ T5635] ? __ieee80211_link_copy_chanctx_to_vlans+0x1bc/0x5a0 [ 55.533804][ T5635] ieee80211_start_ap+0x1e8a/0x3120 [ 55.535183][ T5635] ? __pfx_ieee80211_start_ap+0x10/0x10 [ 55.536080][ T5637] netlink: 12 bytes leftover after parsing attributes in process `syz.1.64'. [ 55.536731][ T5635] ? _cfg80211_chandef_usable+0x2fb/0x12c0 [ 55.541104][ T5635] ? cfg80211_find_elem_match+0x156/0x190 [ 55.542800][ T5635] nl80211_start_ap+0x2ca5/0x4950 [ 55.544258][ T5635] ? __pfx_nl80211_start_ap+0x10/0x10 [ 55.545689][ T5635] ? ref_tracker_alloc+0x2ef/0x5b0 [ 55.547081][ T5635] ? __pfx_netdev_run_todo+0x10/0x10 [ 55.548597][ T5635] ? __pfx___mutex_lock+0x10/0x10 [ 55.549949][ T5635] ? nl80211_pre_doit+0x1b0/0xb10 [ 55.551281][ T5635] genl_family_rcv_msg_doit+0x202/0x2f0 [ 55.553231][ T5635] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 55.554832][ T5635] ? bpf_lsm_capable+0x9/0x10 [ 55.556226][ T5635] ? security_capable+0x7e/0x260 [ 55.557532][ T5635] ? ns_capable+0xd7/0x110 [ 55.558711][ T5635] genl_rcv_msg+0x565/0x800 [ 55.559931][ T5635] ? __pfx_genl_rcv_msg+0x10/0x10 [ 55.561275][ T5635] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 55.562782][ T5635] ? __pfx_nl80211_start_ap+0x10/0x10 [ 55.564411][ T5635] ? __pfx_nl80211_post_doit+0x10/0x10 [ 55.566027][ T5635] netlink_rcv_skb+0x165/0x410 [ 55.567517][ T5635] ? __pfx_genl_rcv_msg+0x10/0x10 [ 55.568539][ T5639] workqueue: Failed to create a rescuer kthread for wq "reiserfs/nullb0": -EINTR [ 55.568893][ T5635] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 55.568913][ T5635] ? down_read+0xc9/0x330 [ 55.569116][ T5639] REISERFS warning (device nullb0): reiserfs_fill_super: Cannot allocate commit workqueue [ 55.571288][ T5635] ? __pfx_down_read+0x10/0x10 [ 55.571305][ T5635] ? netlink_deliver_tap+0x1ae/0xcf0 [ 55.571318][ T5635] genl_rcv+0x28/0x40 [ 55.571329][ T5635] netlink_unicast+0x53c/0x7f0 [ 55.571342][ T5635] ? __pfx_netlink_unicast+0x10/0x10 [ 55.571353][ T5635] ? __phys_addr_symbol+0x30/0x80 [ 55.571365][ T5635] ? __check_object_size+0x488/0x710 [ 55.571379][ T5635] netlink_sendmsg+0x8b8/0xd70 [ 55.571392][ T5635] ? __pfx_netlink_sendmsg+0x10/0x10 [ 55.571404][ T5635] ? lock_acquire+0x2f/0xb0 [ 55.571421][ T5635] ____sys_sendmsg+0x9ae/0xb40 [ 55.590574][ T5635] ? __pfx_____sys_sendmsg+0x10/0x10 [ 55.591990][ T5635] ? get_compat_msghdr+0x11b/0x170 [ 55.593329][ T5635] ? __pfx___lock_acquire+0x10/0x10 [ 55.594701][ T5635] ___sys_sendmsg+0x135/0x1e0 [ 55.595948][ T5635] ? __pfx____sys_sendmsg+0x10/0x10 [ 55.597319][ T5635] ? lock_acquire+0x2f/0xb0 [ 55.598518][ T5635] ? __fget_files+0x40/0x3f0 [ 55.599724][ T5635] ? fdget+0x176/0x210 [ 55.600947][ T5635] __sys_sendmsg+0x117/0x1f0 [ 55.602165][ T5635] ? __pfx___sys_sendmsg+0x10/0x10 [ 55.603499][ T5635] ? __fget_files+0x244/0x3f0 [ 55.604767][ T5635] __do_fast_syscall_32+0x73/0x120 [ 55.606105][ T5635] do_fast_syscall_32+0x32/0x80 [ 55.607468][ T5635] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 55.609162][ T5635] RIP: 0023:0xf7f90579 [ 55.610232][ T5635] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 55.615457][ T5635] RSP: 002b:00000000f571656c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 55.617729][ T5635] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 00000000200001c0 [ 55.619811][ T5635] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 55.621888][ T5635] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 55.623923][ T5635] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 55.626159][ T5635] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 55.628243][ T5635] [ 55.665614][ T5647] xt_NFQUEUE: number of total queues is 0 [ 55.669121][ T5648] input: syz0 as /devices/virtual/input/input7 [ 55.671882][ T39] audit: type=1326 audit(1729170394.870:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5646 comm="syz.3.67" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f90579 code=0x0 [ 55.675036][ T30] kernel read not supported for file /uinput (pid: 30 comm: kworker/1:0) [ 55.746048][ T5653] netlink: 4 bytes leftover after parsing attributes in process `syz.1.71'. [ 56.460751][ T5657] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 56.520337][ T64] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 56.601139][ T5347] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 56.601255][ T64] Bluetooth: hci5: command 0x1003 tx timeout [ 57.372548][ T1097] Bluetooth: hci5: Frame reassembly failed (-84) [ 58.275264][ T5703] netlink: 'syz.3.87': attribute type 10 has an invalid length. [ 58.277414][ T5703] team0: Device batadv0 is up. Set it down before adding it as a team port [ 58.678216][ T5711] ------------[ cut here ]------------ [ 58.679723][ T5711] WARNING: CPU: 0 PID: 5711 at net/mac80211/driver-ops.c:460 drv_link_info_changed+0x117/0x870 [ 58.682609][ T5711] Modules linked in: [ 58.683840][ T5711] CPU: 0 UID: 0 PID: 5711 Comm: syz.3.90 Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 [ 58.687999][ T5711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.691321][ T5711] RIP: 0010:drv_link_info_changed+0x117/0x870 [ 58.693107][ T5711] Code: 9f 51 10 f7 44 89 ff 48 c7 c6 60 37 9d 8c e8 30 54 10 f7 41 83 ff 0b 77 0b b8 82 08 00 00 4c 0f a3 f8 72 0e e8 7a 51 10 f7 90 <0f> 0b 90 e9 61 03 00 00 e8 6c 51 10 f7 41 8d 47 f6 31 ff 83 e0 fd [ 58.698894][ T5711] RSP: 0018:ffffc90022caeec8 EFLAGS: 00010283 [ 58.701080][ T5711] RAX: 0000000000001001 RBX: ffff888060f40cc0 RCX: ffffc9000ceb1000 [ 58.703191][ T5711] RDX: 0000000000040000 RSI: ffffffff8a7c6796 RDI: 0000000000000005 [ 58.705305][ T5711] RBP: ffff888060910e40 R08: 0000000000000005 R09: 000000000000000b [ 58.707402][ T5711] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000200 [ 58.709504][ T5711] R13: 0000000000000200 R14: ffff888060f42958 R15: 0000000000000002 [ 58.711782][ T5711] FS: 0000000000000000(0000) GS:ffff88802b400000(0063) knlGS:00000000f56d4b40 [ 58.714191][ T5711] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 58.715963][ T5711] CR2: 00000000f73f0070 CR3: 0000000063bc8000 CR4: 0000000000352ef0 [ 58.718101][ T5711] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 58.720374][ T5711] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 58.722456][ T5711] Call Trace: [ 58.723360][ T5711] [ 58.724192][ T5711] ? __warn+0xea/0x3d0 [ 58.725312][ T5711] ? drv_link_info_changed+0x117/0x870 [ 58.726773][ T5711] ? report_bug+0x3c0/0x580 [ 58.728050][ T5711] ? handle_bug+0x54/0xa0 [ 58.729261][ T5711] ? exc_invalid_op+0x17/0x50 [ 58.730649][ T5711] ? asm_exc_invalid_op+0x1a/0x20 [ 58.732038][ T5711] ? drv_link_info_changed+0x116/0x870 [ 58.733533][ T5711] ? drv_link_info_changed+0x117/0x870 [ 58.735033][ T5711] ? drv_link_info_changed+0x116/0x870 [ 58.736530][ T5711] ? __pfx_mac80211_hwsim_flush+0x10/0x10 [ 58.738091][ T5711] ieee80211_link_info_change_notify+0x2c1/0x350 [ 58.739814][ T5711] ieee80211_offchannel_stop_vifs+0x328/0x5b0 [ 58.741529][ T5711] __ieee80211_start_scan+0x1089/0x1ce0 [ 58.743048][ T5711] ? __pfx___ieee80211_start_scan+0x10/0x10 [ 58.744687][ T5711] ieee80211_scan+0x1d2/0x330 [ 58.746003][ T5711] cfg80211_scan+0x4be/0x730 [ 58.747257][ T5711] ? ieee80211_get_num_supported_channels+0xa8/0x100 [ 58.749074][ T5711] cfg80211_conn_scan+0x5cc/0xd00 [ 58.750548][ T5711] cfg80211_connect+0x17f4/0x1f60 [ 58.751971][ T5711] ? __pfx_cfg80211_connect+0x10/0x10 [ 58.753449][ T5711] ? lockdep_hardirqs_on+0x7c/0x110 [ 58.754885][ T5711] ? nl80211_crypto_settings+0xbf3/0xf90 [ 58.756424][ T5711] nl80211_connect+0x1661/0x21f0 [ 58.757798][ T5711] ? __pfx_nl80211_connect+0x10/0x10 [ 58.759258][ T5711] ? __mutex_trylock_common+0xea/0x250 [ 58.760850][ T5711] ? nl80211_pre_doit+0x1b0/0xb10 [ 58.762253][ T5711] genl_family_rcv_msg_doit+0x202/0x2f0 [ 58.763777][ T5711] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 58.765450][ T5711] ? irqentry_exit+0x3b/0x90 [ 58.766711][ T5711] ? lockdep_hardirqs_on+0x7c/0x110 [ 58.768223][ T5711] ? genl_rcv_msg+0x67d/0x800 [ 58.769632][ T5711] genl_rcv_msg+0x565/0x800 [ 58.770998][ T5711] ? __pfx_genl_rcv_msg+0x10/0x10 [ 58.772435][ T5711] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 58.773887][ T5711] ? __pfx_nl80211_connect+0x10/0x10 [ 58.775309][ T5711] ? __pfx_nl80211_post_doit+0x10/0x10 [ 58.776791][ T5711] netlink_rcv_skb+0x165/0x410 [ 58.778091][ T5711] ? __pfx_genl_rcv_msg+0x10/0x10 [ 58.779474][ T5711] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 58.781042][ T5711] ? down_read+0xc9/0x330 [ 58.782240][ T5711] ? __pfx_down_read+0x10/0x10 [ 58.783529][ T5711] ? rcu_is_watching+0x12/0xc0 [ 58.784827][ T5711] genl_rcv+0x28/0x40 [ 58.785919][ T5711] netlink_unicast+0x53c/0x7f0 [ 58.787218][ T5711] ? __pfx_netlink_unicast+0x10/0x10 [ 58.788642][ T5711] ? __phys_addr_symbol+0x30/0x80 [ 58.790411][ T5711] ? __check_object_size+0x488/0x710 [ 58.791983][ T5711] netlink_sendmsg+0x8b8/0xd70 [ 58.793317][ T5711] ? __pfx_netlink_sendmsg+0x10/0x10 [ 58.794771][ T5711] ? lock_acquire+0x2f/0xb0 [ 58.796023][ T5711] ____sys_sendmsg+0x9ae/0xb40 [ 58.797319][ T5711] ? __pfx_____sys_sendmsg+0x10/0x10 [ 58.798725][ T5711] ? get_compat_msghdr+0x11b/0x170 [ 58.800283][ T5711] ___sys_sendmsg+0x135/0x1e0 [ 58.801760][ T5711] ? __pfx____sys_sendmsg+0x10/0x10 [ 58.803201][ T5711] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 58.804817][ T5711] ? fdget+0x176/0x210 [ 58.805927][ T5711] __sys_sendmsg+0x117/0x1f0 [ 58.807184][ T5711] ? __pfx___sys_sendmsg+0x10/0x10 [ 58.808579][ T5711] ? bpf_trace_run2+0x2a6/0x590 [ 58.809938][ T5711] ? rcu_is_watching+0x12/0xc0 [ 58.811354][ T5711] __do_fast_syscall_32+0x73/0x120 [ 58.812797][ T5711] do_fast_syscall_32+0x32/0x80 [ 58.814131][ T5711] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 58.815810][ T5711] RIP: 0023:0xf7f90579 [ 58.816914][ T5711] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 58.822272][ T5711] RSP: 002b:00000000f56d456c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 58.824517][ T5711] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000200001c0 [ 58.826582][ T5711] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 58.828670][ T5711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 58.830792][ T5711] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 58.832926][ T5711] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 58.835005][ T5711] [ 58.835861][ T5711] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 58.837749][ T5711] CPU: 0 UID: 0 PID: 5711 Comm: syz.3.90 Not tainted 6.12.0-rc3-syzkaller-00087-gc964ced77262 #0 [ 58.840421][ T5711] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 58.843181][ T5711] Call Trace: [ 58.844068][ T5711] [ 58.844848][ T5711] dump_stack_lvl+0x3d/0x1f0 [ 58.846065][ T5711] panic+0x71d/0x800 [ 58.847095][ T5711] ? __pfx_panic+0x10/0x10 [ 58.848272][ T5711] ? show_trace_log_lvl+0x29d/0x3d0 [ 58.849630][ T5711] ? drv_link_info_changed+0x117/0x870 [ 58.851048][ T5711] check_panic_on_warn+0xab/0xb0 [ 58.852359][ T5711] __warn+0xf6/0x3d0 [ 58.853388][ T5711] ? drv_link_info_changed+0x117/0x870 [ 58.854813][ T5711] report_bug+0x3c0/0x580 [ 58.855952][ T5711] handle_bug+0x54/0xa0 [ 58.857042][ T5711] exc_invalid_op+0x17/0x50 [ 58.858234][ T5711] asm_exc_invalid_op+0x1a/0x20 [ 58.859510][ T5711] RIP: 0010:drv_link_info_changed+0x117/0x870 [ 58.861100][ T5711] Code: 9f 51 10 f7 44 89 ff 48 c7 c6 60 37 9d 8c e8 30 54 10 f7 41 83 ff 0b 77 0b b8 82 08 00 00 4c 0f a3 f8 72 0e e8 7a 51 10 f7 90 <0f> 0b 90 e9 61 03 00 00 e8 6c 51 10 f7 41 8d 47 f6 31 ff 83 e0 fd [ 58.866054][ T5711] RSP: 0018:ffffc90022caeec8 EFLAGS: 00010283 [ 58.867623][ T5711] RAX: 0000000000001001 RBX: ffff888060f40cc0 RCX: ffffc9000ceb1000 [ 58.869674][ T5711] RDX: 0000000000040000 RSI: ffffffff8a7c6796 RDI: 0000000000000005 [ 58.871726][ T5711] RBP: ffff888060910e40 R08: 0000000000000005 R09: 000000000000000b [ 58.873768][ T5711] R10: 0000000000000002 R11: 0000000000000000 R12: 0000000000000200 [ 58.875806][ T5711] R13: 0000000000000200 R14: ffff888060f42958 R15: 0000000000000002 [ 58.877848][ T5711] ? drv_link_info_changed+0x116/0x870 [ 58.879265][ T5711] ? drv_link_info_changed+0x116/0x870 [ 58.880696][ T5711] ? __pfx_mac80211_hwsim_flush+0x10/0x10 [ 58.882179][ T5711] ieee80211_link_info_change_notify+0x2c1/0x350 [ 58.883820][ T5711] ieee80211_offchannel_stop_vifs+0x328/0x5b0 [ 58.885409][ T5711] __ieee80211_start_scan+0x1089/0x1ce0 [ 58.886845][ T5711] ? __pfx___ieee80211_start_scan+0x10/0x10 [ 58.888392][ T5711] ieee80211_scan+0x1d2/0x330 [ 58.889622][ T5711] cfg80211_scan+0x4be/0x730 [ 58.890849][ T5711] ? ieee80211_get_num_supported_channels+0xa8/0x100 [ 58.892593][ T5711] cfg80211_conn_scan+0x5cc/0xd00 [ 58.893915][ T5711] cfg80211_connect+0x17f4/0x1f60 [ 58.895240][ T5711] ? __pfx_cfg80211_connect+0x10/0x10 [ 58.896642][ T5711] ? lockdep_hardirqs_on+0x7c/0x110 [ 58.897995][ T5711] ? nl80211_crypto_settings+0xbf3/0xf90 [ 58.899457][ T5711] nl80211_connect+0x1661/0x21f0 [ 58.900756][ T5711] ? __pfx_nl80211_connect+0x10/0x10 [ 58.902136][ T5711] ? __mutex_trylock_common+0xea/0x250 [ 58.903574][ T5711] ? nl80211_pre_doit+0x1b0/0xb10 [ 58.904912][ T5711] genl_family_rcv_msg_doit+0x202/0x2f0 [ 58.906356][ T5711] ? __pfx_genl_family_rcv_msg_doit+0x10/0x10 [ 58.907932][ T5711] ? irqentry_exit+0x3b/0x90 [ 58.909132][ T5711] ? lockdep_hardirqs_on+0x7c/0x110 [ 58.910481][ T5711] ? genl_rcv_msg+0x67d/0x800 [ 58.911715][ T5711] genl_rcv_msg+0x565/0x800 [ 58.912919][ T5711] ? __pfx_genl_rcv_msg+0x10/0x10 [ 58.914227][ T5711] ? __pfx_nl80211_pre_doit+0x10/0x10 [ 58.915611][ T5711] ? __pfx_nl80211_connect+0x10/0x10 [ 58.916990][ T5711] ? __pfx_nl80211_post_doit+0x10/0x10 [ 58.918411][ T5711] netlink_rcv_skb+0x165/0x410 [ 58.919663][ T5711] ? __pfx_genl_rcv_msg+0x10/0x10 [ 58.920985][ T5711] ? __pfx_netlink_rcv_skb+0x10/0x10 [ 58.922371][ T5711] ? down_read+0xc9/0x330 [ 58.923490][ T5711] ? __pfx_down_read+0x10/0x10 [ 58.924767][ T5711] ? rcu_is_watching+0x12/0xc0 [ 58.926028][ T5711] genl_rcv+0x28/0x40 [ 58.927083][ T5711] netlink_unicast+0x53c/0x7f0 [ 58.928342][ T5711] ? __pfx_netlink_unicast+0x10/0x10 [ 58.929723][ T5711] ? __phys_addr_symbol+0x30/0x80 [ 58.931044][ T5711] ? __check_object_size+0x488/0x710 [ 58.932441][ T5711] netlink_sendmsg+0x8b8/0xd70 [ 58.933714][ T5711] ? __pfx_netlink_sendmsg+0x10/0x10 [ 58.935097][ T5711] ? lock_acquire+0x2f/0xb0 [ 58.936305][ T5711] ____sys_sendmsg+0x9ae/0xb40 [ 58.937561][ T5711] ? __pfx_____sys_sendmsg+0x10/0x10 [ 58.938941][ T5711] ? get_compat_msghdr+0x11b/0x170 [ 58.940294][ T5711] ___sys_sendmsg+0x135/0x1e0 [ 58.941538][ T5711] ? __pfx____sys_sendmsg+0x10/0x10 [ 58.942897][ T5711] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 58.944439][ T5711] ? fdget+0x176/0x210 [ 58.945510][ T5711] __sys_sendmsg+0x117/0x1f0 [ 58.946731][ T5711] ? __pfx___sys_sendmsg+0x10/0x10 [ 58.948089][ T5711] ? bpf_trace_run2+0x2a6/0x590 [ 58.949361][ T5711] ? rcu_is_watching+0x12/0xc0 [ 58.950587][ T5711] __do_fast_syscall_32+0x73/0x120 [ 58.951946][ T5711] do_fast_syscall_32+0x32/0x80 [ 58.953212][ T5711] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 58.954854][ T5711] RIP: 0023:0xf7f90579 [ 58.955925][ T5711] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 58.960862][ T5711] RSP: 002b:00000000f56d456c EFLAGS: 00000296 ORIG_RAX: 0000000000000172 [ 58.963001][ T5711] RAX: ffffffffffffffda RBX: 0000000000000007 RCX: 00000000200001c0 [ 58.965052][ T5711] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 58.967084][ T5711] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 58.969129][ T5711] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 58.971171][ T5711] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 58.973222][ T5711] [ 58.974628][ T5711] Kernel Offset: disabled [ 58.975831][ T5711] Rebooting in 86400 seconds.. VM DIAGNOSIS: 13:06:38 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000060 RBX=00000000000003fd RCX=0000000000000000 RDX=00000000000003fd RSI=ffffffff8503dcc0 RDI=ffffffff9a63f260 RBP=ffffffff9a63f220 RSP=ffffc90022cae7d0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000020 R14=fffffbfff34c7e9e R15=dffffc0000000000 RIP=ffffffff8503dce7 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b400000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f73f0070 CR3=0000000063bc8000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=0000000025dbe000 RCX=ffffffff813e96c0 RDX=ffff888022288000 RSI=ffffffff813e96ca RDI=0000000000000006 RBP=ffff8880a5dbe000 RSP=ffffc9000340f5e0 R8 =0000000000000006 R9 =ffff8880a5dbe000 R10=0000000025dbe000 R11=0000000000000000 R12=0000000000000000 R13=ffff888029fd63c0 R14=ffff888029fd63c8 R15=ffffed10053fac79 RIP=ffffffff818cb951 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fbb720ecd00 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055dd045e9000 CR3=0000000029cb6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=22d774e722d774e7 22d774e722d774e7 22d774e722d774e7 22d774e722d774e7 22d774e722d774e7 22d774e722d774e7 22d774e722d774e7 22d774e722d774e7 ZMM22=8d1945578d194557 8d1945578d194557 8d1945578d194557 8d1945578d194557 8d1945578d194557 8d1945578d194557 8d1945578d194557 8d1945578d194557 ZMM23=6cc7ca996cc7ca99 6cc7ca996cc7ca99 6cc7ca996cc7ca99 6cc7ca996cc7ca99 6cc7ca996cc7ca99 6cc7ca996cc7ca99 6cc7ca996cc7ca99 6cc7ca996cc7ca99 ZMM24=226fe61a226fe61a 226fe61a226fe61a 226fe61a226fe61a 226fe61a226fe61a 226fe61a226fe61a 226fe61a226fe61a 226fe61a226fe61a 226fe61a226fe61a ZMM25=f11137cff11137cf f11137cff11137cf f11137cff11137cf f11137cff11137cf f11137cff11137cf f11137cff11137cf f11137cff11137cf f11137cff11137cf ZMM26=8186413a8186413a 8186413a8186413a 8186413a8186413a 8186413a8186413a 8186413a8186413a 8186413a8186413a 8186413a8186413a 8186413a8186413a ZMM27=a6967c9ba6967c9b a6967c9ba6967c9b a6967c9ba6967c9b a6967c9ba6967c9b a6967c9ba6967c9b a6967c9ba6967c9b a6967c9ba6967c9b a6967c9ba6967c9b ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=4a0200004a020000 4a0200004a020000 4a0200004a020000 4a0200004a020000 4a0200004a020000 4a0200004a020000 4a0200004a020000 4a0200004a020000 info registers vcpu 2 CPU#2 RAX=fffff52000765f5c RBX=0000000000000000 RCX=1ffffffff2039449 RDX=dffffc0000000000 RSI=ffff888024abaf20 RDI=ffff888024aba440 RBP=ffffc90003b2fbf0 RSP=ffffc90003b2fab0 R8 =0000000000000000 R9 =0000000000000001 R10=ffffffff901ce48f R11=0000000000000000 R12=ffff888024aba440 R13=dffffc0000000000 R14=0000000000000002 R15=1ffff92000765f5c RIP=ffffffff8169e1d5 RFL=00000086 [--S--P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f46e1a9d280 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f723511a CR3=000000005c256000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000feffffd0 Opmask01=0000000000004211 Opmask02=000000000000ffdf Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd2938aa10 0000003000000010 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 2a2a2a2a2a2a2a2a 2a2a2a2a2a2a2a2a ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff0000ff000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff000000000000 ffffff00ffffff00 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffff0000ff000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 656c696620732520 6465746165726300 0a73253a47000a73 253d73253a45000a ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 40494c4305560005 4140514440574600 0a56001f47000a56 001856001f45000a ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000071 0000000000000000 33706f6f6c2f6b63 6f6c622f6c617574 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 5341494c41444f4d 0000000000000021 000000000000302e ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a2433273f397b27 697a787c69303b7e 69305f474f5b647c 69303a2433273f39 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 383a3a263d383a3a 263c383a3a263f38 3a3a263e383a3a26 39383a3a2638383a ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=ffff7fffffffffff RBX=ffffed1004451a6b RCX=ffffffff8169f9fb RDX=0000000000000000 RSI=0000000000000008 RDI=ffffffff9698fcf8 RBP=00000000000005d3 RSP=ffffc9000629f9c0 R8 =0000000000000000 R9 =fffffbfff2d31f9f R10=ffffffff9698fcff R11=0000000000000000 R12=dffffc0000000000 R13=0000000000000000 R14=0000000000000004 R15=ffff88802228c880 RIP=ffffffff81edfa49 RFL=00000083 [--S---C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f46e1a9d280 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f56f3c80 CR3=0000000020e50000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000044000001 Opmask01=0000000000000000 Opmask02=000000007ffeffff Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 4b5f5455504e495f 4449006b636f6c62 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd2938adf0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffd2938a980 0000003000000010 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000ff00000000 00ff000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00ff000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 b9801ae8f2c927c2 7373260027f14508 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 7373737373737142 7373737373737373 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 6d25203a7325206b 6e696c6d79732065 7461657263206f74 2064656c69614600 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4800051f5600054e 4b4c49485c560540 5144405746054a51 054140494c444600 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 caf3699b81ba54b1 0000000557603e20 0000000000000231 0000000000356900 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000055735482fc03 0000000000000021 0000000000000031 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a2433273f397b27 697a787c69303b7e 69305f474f5b647c 69303a2433273f39 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 383a3a263d383a3a 263c383a3a263f38 3a3a263e383a3a26 39383a3a2638383a ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692054524f50202c 2064696c61696d20 0070253a20252054 524f504d49005452 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 692020520050202c 2025204f504d4900 0061253a20252000 2527204d49005452 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000