last executing test programs: 5.395631563s ago: executing program 2 (id=409): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x6, 0xe, &(0x7f0000001bc0)=ANY=[@ANYBLOB="b7020000011f0000bfa300000000000007030000f0ffffff7a0af0ff1100000079a4f0ff00000000b706000000000081ad6402000000000045040400ff00ff0f1704000001130a00b7050000000000006a0af2fe0000000085000000a3000000b700000000000000950000000000000000e154cd0800000000000000e38e52c997b05c72b3d0ffffffffe4fbffffff55bb2007ee51050512b5b42128aa090a79507df79f298129da00000080f24bf901115e17392ac66ad029d1c00000614600d53daeacea799a22a2fa798b5adc43eb27d5c9570187c5647fc0e89c11a4c6d92a3319d0ad229e5752548300000000dbc2777df150b7cdd77b85b9deb36adc7e9750f341092314fd085f028f2ed1a4537850614e09d6378198a6097a670838337af2abd55a87ac0394b2f92ffab7d153d62058d0a413b2173619ccf55520f22c9ca8b6712f3024b7041b1df65b3e1b9bf115647b14ce5bd13d0ccacda1efc5f9094fa537c28b994a8512c816fdcceaede3faedc51d29a47fc813a2ec00f4c70200c271d6d7f4ea6bf97f2f33e2ea2e534300bcb3fdc4b48610e9eefbda7f54f82a804d4a69bf9bc5fa77ee293fbd165a5a68488e40b030166565a097b1b44b451de736bb6d43db8db03d4b7745fef1d04ec633dee254a6d491b849a5a787e814c4fd21a18986252a70f8f92eb6f0e8c7db4bf23242a1f2c28159f09943b1b0452d1b72183aacf4a84f9130b775dd4e9e3070756f97bf1a1fa9a1681989328c8ddc20ea011bf5742e0e0d4330db8b20ce3f9f16cb7fc20fb4791ec85821d0c48fb657c29b309c73f0977e7cde65a82b94c461d7962b0d2277a84af326f37f3e2c25a62ec45c3af97a8f17da954aff3ec8c108755f75ca13fb7c8bbd8b6e7dac1aba4b20dc7de058a4dfa7e85a8bdf1d41a2d8bda74d66f47cc180f82c6d294d3665016ac59dda0fde0745db06753a5dc70af2df2c772b0031fe13cab6692422a47e9ffe2d4a2d32f7528751383694bf5700b20ef0c248ddd3da32396a614cacad4aff2066bb5d4045c9585638c2153a6eee01738b0c10671f4f559b7dcb98a6273b8c651e24d9f679e4fbe948dfb4cc4a389469608241730459f0123fd39206000000000000eb55dad46de56ef907b0599c0b8aa49afb9a79ae5498f6589880ed6eea7b9c670012be05e7de0940313c5870786554f526236ebced9390cb6941b8375d936a7d2120eca291963eb2d537d8ee4de5c183c960119451c3f938b22809e1d7f0cda06a9fa87d64cb77872a2cd8a104e16bb1a2b2cf1301800000ff1bf9c92a14a99202d9539f5096412b92012e095b84c20243ff989d8a0260f9670d78f27e3c33269c0e153b28b2d4410572bc45b9d3fa02208d304d455c36300000000022320178b00cc6ec7966130b547dbd8b0000f0a77fbcee53595a779d243a48cea769470424d28804c026aa7f4a5c81921f0128dfd70b438af60b060000000000000056642b49b745f3bf2cf7908b6d7d748308eea09fc361b4735efbf3411718d6ee7aebf90040662d7836d252c566f5ee934c679dbfae9fb4a79f8a836804ed3a1079b0283c12af4bd6cb5f809d29bebd2a12043408cd7cb687dcff91af19010000000000000000456f7d2a42bd13da2022f23daec61854f640f701db0276652f6c74f20675eb781925441578e93046aaddea8ec4ca37f71c2710a7ea8ae0dc214e1cc275b26adfa892e6de92000000000000000000ddff004cff9ec780f535e62f4eeee50e5bafecea4d4134f9d006c8d6883eca5c9c58c9e93311ab5009c68c73de2f04f15d005387577f480000ea65559eb00e76e9d0ada209bcbb5c2548b6da0bf4cfef52a451790cc36000906d5a9fad98c308e39bd5ffb6151d79c1cee1cdfba05e3633be3f00000015762e5ffe4839dc4fdb2fe7f791e8b64293091c989f72dcbbad3fdcd6adab4b7e508e5bf024ed8f8a005f2bbf96c89739f5d81e750d506d7a59a3ad09e8802e8f4f535447cc0fc9d5f99a73145dfcedad69da9cd4375c624600e78f4458542b14f29611f95d4a31838eeb20c20bb82aa31771cd379ec83554cea5e6539db7384e1f58d81f2f2653c4d9818708e28789b552d3fcd116bce9c764c714c9402c21d181aa0820d89f235a3f1c5fc853e59efb28d4f91652f6750b73c962802c0320f8059195729d60c534ee8e8ff0755b67fe4c25edb85bcff24c757aa8090000d1e1d41e1dcf6e6879545b92bd49000000008c420eb4304f66e3a37aaf000000c42a570f0e9dd5fd545470f847f8c3c14fa9ecd1e877b0d8ca84937e859e85e6158f9184bc61a9a284db80e4636c25b96174327d82761c26e329555f9290afad34fe0000000000749efd3763655500344bae34137f5ab0d534b8d43e4ca3b671f2de1cdf51919ac6b59a601fd419adc16e2055b85058dbfac1ae05d7a1759782e4c571ee855a47bc00edf5e9020c09ab004321610b857e8717764b633b00cb32f0e03280e09758bd445ab91d200000000052b79d7b574a241d1d2fe45b3c4e93da3d51de647d10dd49944dc87c92332af00f191b66b6a6f732a91f0e2e9103be61e58c79d4972406b5eeb30625b32fec6a4510d9f317557d278888901d442ad7f8536605a644e9e3d769db497c3960dfde12182334caee994adc38a436367a54b9e182b78e9a0ceb9a2c4f63902c1ad1a7c5a08d0920a23c2a86abbdf357849a651733e57f310198766888c8ccb85cff7f000000002c331fca0e541b7ca211c28ed61c525708a13d115b43f8b1894c8f0f61ae9600000000000000000027c9a46157a3609b6fd9843ee19ec647249a9375de0e9c5858818f3c4a4fa6ce46f4d42b07199de8b99231ace58c77819ee2b3dc8c17a23692759ccf5a205311b7ab22538309b3fd43947912f28a2697b861dfb54609fd88e604ba66b13df468ad87a6c769f952283a1f4e3842edb3d40c68a27ef6a1296dfff4a979369b0e8ebc62887aa46e820a74f91381dcc198e353047db70686d147357024eb3cb94f1e89cb5ba0a56aa046b4dc521a3d9356b4b8b5917c4c860495b240e80063bde261fd00000000007271e28ef6806bc8e139c49b91c76b0d3958f7f05b47d3634e8fbd8d31330d89069f9648a2ff93060ff073b3a113e47edf76f7d116d2b0976cf2ec447c03ae0931651dd315003b7a6a5433a2bb560ae99ec4b227eda2a9457335438c9fd489961fe92b6524e0cd8020ecaa671e934e94d1eb3de6a5f99f301f89c2ee627e949c68b3a404000000000000009a714ee5f72d8805dd1bfbd081f6a5d1f1289dfed2249194e2540dfac273461fc5c0e0a33db7f2d43ea80864f059f40fa2640b6bfb74dd35f5a31059c01517cf4b6641fce9a24b96767b837ca037a1199735c375c705c798e0e208e4a5259d0bfa526b462af45a6e9a84aebe6e6e79909669c17b0ed16acdce1b12b70000000000f4e8cdbadbec962a7edc91c6b80f53e3b19c372e40e20000f4c1180365eb5b71d834eb0693e252b96e6c90ec4d23cc42e88d262c1fdc317c7c000000acbc1248f238b57fbcc10a377cc406e460c0516534bdb3ff372bfd94efa0d32b214b39cea885557d39265a1c5e08c29914db042aa4fe23a92f387ae6d7565d3ca6ceb040f859de2e47f6c04bc55f3b813b9c1832e8a25a50ae433e43036b032518200e2875736fc139a344bf3bf4d8f6f57e5c4b7f62a23758cb30e43f1974b14d4f3e1a8ce71995ce68564a50f418af2b6f22a7c70c2213ec629288604aa118487c864af9368a08bd37eecb0a810c5c24d7a82c07a8e68caa7ff2eaf100f6fd4c3af07d7a86b34f2f4d34abf2f92f1a4107000000000000007ea25cde9445ccb74ebc22156465f4871436b449814543ccc221a8251f71c047203ac4d62b0012cab329a5d900a61880da20b0ad83ae368a19d2827840b8d00f92745508e63cddaac6d2d3c6cb03d512c5be9e7fd86e461e1e6a228e630029dbeddf37a6990c75ff6dcb6f32f61e59e3bf97f48954fd7908ab05e74815d909548b277bf5830e8da85cc4570eaeb265f4ffeacc3a4ec2edb261d53d09ebb6bdf811e2a4ef0be6392d86a5285a7fd2e4345e14786abafdd4852d3d62c334760c05e1bba37d0f0742c53242596e13bc22682ae15694aaaadef41bbd7185b74feaf59dea096a23a46ab14e12839318e953f15fab94c9ba783015ebb6983d514e3b1f246f0a63c5905f4da58cc2be0cb179e7e62c165ae39855182266b36ce9d2943c49a7f9a2a89a948b37f2bb830ea790a2b2c2fcd06bc499434dda842cfa91b2df4368f07eb2410aa387d14ebccd22698f8f322fbdf4cddf11fd3b85325af8df473c8f156833e5488f31165e6a56d4c1c661bcbefcefd10f47b2e593b836be67bdc15c3b7fb497ecbca1506a577eb46c2baa1bb459281a186281947505553dfdfe963c20c12575c4abc45cf9229af181317fde5262a73600f90e7457280ff4229507178c5df9acc2bc071194f6596b2ac36a2d28627e0012f989d7f7a20f2b38eef5ac77926d83a73e3647a6351c23d7e51cf459e5d169d42566b012193338f67612c22eab89fb14a40edd2694696048f9d51d26fa256eede4a9b5dd3508f9308883194ab3b0661d51b18dbdca9b5f70a91db8fc9b19291664eccc8274340eef00c7431a5bb9fced08059a2518eaf35df7c6ee27872be887b37319370a4587e50f28060b963a6e4d73b338f4e8929bc5ada66b6920c633119d17c090e72daa679c6e5bb155710679660004715fd8eec3c660fc32554a20feb5d74cafe562aff12fe126abf5927205867df4dae435d1ab9e711f48cd03f4cc13509fe7bff5ef0e55d71987e44027e29d02ac36f3c486bcf22f86170c3feee2a5eb3adadb7d906f25c73df5cd22a8d1ca00b027a1ab966ab4799e631a21042685fc8c05d5e04ab21a66c5f22179baac52b43a5980b1efb49d9e03d05f4d1a8756085d0305ff3c4cec8500000000229a03ff468b5b1be84cc1d6469eb4715b543babd9ff020d854c55ef9c06112bee0f2406ac9a526ca9d6d6ddc4c38ca1305bec3c175f560633de471ebd4761cb0bd6498737bb63a910a6699dc799cec945cd9d6e091586bb7090adfd15dbec21ff94597498feea6ac39db0ec342d3269c3029d660113dff28992c510325ece4be197b8bcc049d156a2f9bfe0cfb2980c5aebd0fc8041b573ccf84316e880ffd7fed2bd35e820308708de1878ba8585c63c7ed4dd9ba46928914d024a1471fdd18aa386bd801edbc11036fd03cd3a2cf7ccf64e9592894c07a83b39721b0ac04b973194118a95a8e91cf103f3fe10ff8d3d565d4a3ad97a6364c3a2f95fe580be0da6674e7b37952e84b9213e837390bce3c9831de29b7499a250c3dfde867473da3711dbe18238fc564f8035e31f1d6eb0cc57455d408963f6b76c14493d44ccbd744e2e62dbedca793f521c331489366063e29628366b02f9ccccd406ce0bffc662cbb811177d297ae7ef28c7e6f2e02f4cee601b366f8e6c095992fd2ab36c2f9946229a5e217cc0a785a115000000000000000000003308b326ed82fed8f64fd8ef196a91272dd331d4189a4611ebaccb00190bb2422779a3724a0b5802a9aa6c7831aeeda857557ef985138c176e59f9bb0e84075e0b5efa8a2f5f40a295ede722a4fef71b29adaec6a168f7d8bc44148a7649eb05979ab8902f0165e718c10ee158bc9d39b1b574de2c9229ecc040ae514b182c37f3689387c3c9415c0a418d2145c48e7ca78ccec23b4c3e689c51be7e77013ac5e9d1d575d8923cad7f64ab0c86b91016da6abbee852c59e3acff853cbc718732d7c34847db18fc5909ccfe6130c362451d3c5e02fa7ee88aa641ae5c62f3cc6b916c3876efa203"], &(0x7f0000000b80)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000040), 0x10}, 0x39) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000200)={r0, 0x18000000000002a0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x60000000, 0x0, 0x0, 0x0, 0x0}, 0x50) 5.203458099s ago: executing program 2 (id=413): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nfc(&(0x7f0000001400), r0) sendmsg$NFC_CMD_LLC_GET_PARAMS(r0, &(0x7f0000001500)={0x0, 0x0, &(0x7f00000014c0)={&(0x7f0000001480)={0x1c, r1, 0x1, 0x0, 0x0, {}, [@NFC_ATTR_DEVICE_INDEX={0x8}]}, 0x1c}}, 0x0) 5.111422878s ago: executing program 2 (id=418): inotify_add_watch(0xffffffffffffffff, &(0x7f00000000c0)='./file0\x00', 0x6000b0a) r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)=@newlink={0x40, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x20, 0x12, 0x0, 0x1, @sit={{0x9}, {0x14, 0x2, 0x0, 0x1, [@IFLA_IPTUN_ENCAP_TYPE={0x6}, @IFLA_IPTUN_REMOTE={0x8, 0x3, @private}]}}}]}, 0x40}}, 0x0) r1 = socket$inet_udplite(0x2, 0x2, 0x88) ioctl$sock_ifreq(r1, 0x8922, &(0x7f00000006c0)={'bond_slave_0\x00', @ifru_ivalue}) fsetxattr(r1, &(0x7f0000000800)=@random={'osx.', '/dev/nvme-fabrics\x00'}, &(0x7f0000000840)='-@^}\x00', 0x5, 0x0) socket$nl_route(0x10, 0x3, 0x0) r2 = syz_open_procfs(0x0, &(0x7f0000000000)='oom_score\x00') preadv(r2, &(0x7f00000017c0), 0x333, 0x0, 0x0) sendmsg$nl_route_sched(r0, &(0x7f0000000380)={&(0x7f0000000280)={0x10, 0x0, 0x0, 0x100000}, 0xc, &(0x7f0000000340)={&(0x7f0000000700), 0x4c}}, 0x0) r3 = socket$packet(0x11, 0x3, 0x300) setsockopt$inet_tcp_TCP_MD5SIG(r2, 0x6, 0xe, &(0x7f00000005c0)={@in6={{0xa, 0x4e21, 0x5, @ipv4={'\x00', '\xff\xff', @remote}}}, 0x0, 0x0, 0x46, 0x0, "58abcd68e5f46c05506f7a865d0500002b559fbe12c5d44fcc812b07d9f04454a1d73e616f28390c6623ff0720edef976006bad13891fd7380df1900f5544d429df2730479ec0ad673ff7e26dacb2400"}, 0xffffffffffffff12) writev(0xffffffffffffffff, &(0x7f0000000140)=[{&(0x7f00000004c0)="047aa374832f5d793688ed86ec743840fa9c9529fdd001c67c8e591a0e412c3632d88f9cf8732d6c86ab129c932e37494af3d48badc9f6a7104db7859b3e995b92ce3be7adceaa5686af612db4718ecb2579dbb1e2ea9a8de6ea393e62f2e6ec2dbdb678c25b7ae41d66b4f3c0451936aee789256ff94444a077194f43d695bffad4ad194635d152fe93fc2151454472366ed85b65339b1f1df322d39cde687863fb4e8bc6c1599eaa0d25282d0c56944128404efb10e38ef9123cf3c2c9c9636a220df0fef3bb03efe1a0497de1dee32c2c474a25da8c0fcb4093002a8457a19ea7", 0xe2}], 0x1) ioctl$sock_SIOCGIFINDEX(r3, 0x8933, &(0x7f0000000180)={'bond0\x00', 0x0}) fcntl$getown(0xffffffffffffffff, 0x9) bind$packet(0xffffffffffffffff, &(0x7f0000000100)={0x11, 0x0, r4, 0x1, 0x7f, 0x6, @multicast}, 0x14) r5 = socket$nl_route(0x10, 0x3, 0x0) r6 = socket(0x1, 0x803, 0x0) getsockname$packet(r6, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000002c0)=0x14) sendmsg$nl_route(r5, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x54, 0x10, 0x401, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x1, 0x20002}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}, @IFLA_MACVLAN_FLAGS={0x6, 0x2, 0x1}]}}}, @IFLA_LINK={0x8, 0x5, r4}, @IFLA_MASTER={0x8, 0xa, r7}]}, 0x54}, 0x1, 0x0, 0x0, 0x4008800}, 0x4000) 4.832065484s ago: executing program 2 (id=423): bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x6, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x5, 0x0, 0x0, 0x0, 0x61, 0x10, 0x4}, [@ldst={0x5, 0x3}]}, &(0x7f0000003ff6)='GPL\x00', 0x5, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0x2}, 0x48) 4.696147547s ago: executing program 2 (id=426): r0 = socket(0x10, 0x3, 0x0) sendmsg$nl_generic(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000001240)={&(0x7f0000000940)={0xb4, 0x19, 0x1, 0x0, 0x0, {0x1d, 0xd601, 0x9}, [@nested={0x4d, 0x10, 0x0, 0x1, [@generic="25b57efaa223b473fe7783bc4a506cf756740574b89d316af9b5963870ef3391f3ac176f88d6e1db9b2bb2e5c90fafb663cdebaede447dc8f6f61c6615fcf740adda4853b2d23adb37"]}, @nested={0x4d, 0x12, 0x0, 0x1, [@generic="1ea29c87c248decf12b9efd32e189cd9e83d42960b1fb85ad6f37f9e6605fec1084d72f1e5f4d490e407addd0b5c052c71a06a8bba3a99fbaac777125aeaf2bea096c0324760b12070"]}]}, 0xb4}}, 0x0) 4.551899271s ago: executing program 2 (id=429): openat$tun(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000000)={0x26, 'aead\x00', 0x0, 0x0, 'aegis128-generic\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000140)="2c385aa3d49100dc6626c892b6bc436a", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x0) sendmsg$nl_route_sched_retired(r1, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f0000012100), 0xe078}}, 0x0) recvmmsg(r1, &(0x7f0000000700)=[{{0x0, 0x0, 0x0}}, {{0x0, 0x0, &(0x7f0000000200)=[{&(0x7f0000000300)=""/222, 0xde}, {&(0x7f0000000840)=""/134, 0x86}], 0x86}}], 0x2, 0x0, 0x0) 2.300863537s ago: executing program 0 (id=449): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000300)={'wlan1\x00', 0x0}) r2 = socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000440), 0xffffffffffffffff) sendmsg$NL80211_CMD_SET_STATION(r2, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000000480)={0x2c, r3, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r1}, @void}}, [@NL80211_ATTR_STA_EXT_CAPABILITY={0x4}, @NL80211_ATTR_MAC={0xa}]}, 0x2c}}, 0x0) 2.147994628s ago: executing program 1 (id=452): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000340)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) r1 = socket$packet(0x11, 0x2, 0x300) r2 = socket$nl_route(0x10, 0x3, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r2, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000640), 0xffffffffffffffff) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NL80211_CMD_FRAME(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000700)={0x200, 0x0, 0x0, 0x0, 0x0, {{}, {@val={0x8}, @void}}, [@NL80211_ATTR_FRAME={0x1d7, 0x33, @beacon={{{}, {}, @device_a, @broadcast, @random="90e488f9971a"}, 0x0, @random, 0x0, @void, @void, @val={0x3, 0x1}, @val={0x4, 0x6}, @void, @void, @void, @val={0x2a, 0x1}, @void, @void, @val={0x72, 0x6}, @void, @val={0x76, 0x6, {0x0, 0x0, 0x0, 0xb06}}, [{0xdd, 0x73, "eb13a8b3df323b58645505746aa35226d44912415c3d4ac256aa5c2291a3317d27815fda589135d0308f4ff131b3c4a96dde0f9c497c9bbde281223c0596f01156deb1f851f7602fb2299c382c07898a4d7dddbc046ef6a9b938b13f76ccceb4d339a7d92a6a7f45bd90df8b5bd53f1eec1a24"}, {0xdd, 0x55, "4f2a899e94bcf0613609929460dda7b3421f2af277170aab1eef1bc7a6bad283ec72e75c78d8f4f30f5e2ee79daf8ece54852b5b93eabb5832b001d39227230802e601a7f9749d370367565ddb88a137c4572cce24"}, {0xdd, 0x49, "5dad8ac12f96664d51c30bd3379c2d305630cd93fec0b4249d429b451f52399f26b866650e0e9464949a974045190fa9251c8b6aacda7ecc351ee9cb5512364284512cf7643040ee1f"}, {0xdd, 0x78, "83534cd40fda26eabadf3814f88fa9c5d39124ac6ffcf2583cbdd58fa0969b3e6783c46ed2318e977c080347f36fa8d773079f6224521c4c8b10e4a9454bece9457b66b239a7eaff140a8d9131349399c804bb1a81f829c6ab11af5cfe8df9f59ec093d26c17fe50bb0550d71068d1627631bb2db934cb18"}]}}, @NL80211_ATTR_CSA_C_OFFSETS_TX={0x6, 0xcd, [0x0]}, @NL80211_ATTR_TX_NO_CCK_RATE={0x4}]}, 0x200}}, 0x0) ioctl$sock_SIOCGIFINDEX_80211(r6, 0x8933, &(0x7f0000000340)={'wlan1\x00', 0x0}) sendmsg$NL80211_CMD_FRAME(r4, &(0x7f0000000440)={0x0, 0x0, &(0x7f0000000400)={&(0x7f0000000680)=ANY=[@ANYBLOB="98030000", @ANYRES16=r5, @ANYBLOB="010028057000fcdbdf253b00000008000300", @ANYRES32=r7, @ANYBLOB="04008e00080057001b0a000004006c000500190107000000080026006c0900005603330080b0c000ffffffffffff"], 0x398}}, 0x0) setsockopt$SO_VM_SOCKETS_CONNECT_TIMEOUT_OLD(0xffffffffffffffff, 0x28, 0x6, &(0x7f0000000080)={0x0, 0xea60}, 0x10) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000200)={0x28, 0x0, 0x0, @host}, 0x10) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000000), 0x10) connect$vsock_stream(0xffffffffffffffff, 0x0, 0x0) connect$vsock_stream(0xffffffffffffffff, &(0x7f0000000040)={0x28, 0x0, 0x0, @host}, 0x10) getsockopt$packet_int(0xffffffffffffffff, 0x107, 0xb, &(0x7f0000000000), &(0x7f0000000040)=0x4) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000003100)={@ifindex, 0xffffffffffffffff, 0x11, 0x10, 0xffffffffffffffff, @prog_fd}, 0x20) socket$inet6_udp(0xa, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'syztnl1\x00', &(0x7f00000001c0)={'syztnl0\x00', 0x0, 0x2f, 0x6e, 0x1, 0x2fb, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x15}}, @private1={0xfc, 0x1, '\x00', 0x1}, 0x40, 0x80, 0x800, 0xe5b}}) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x3, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081780000bfa30000000000000703000000feffff720af0fff8ffffff71a4f0ff0000000071103b00000000001d400500000000004704000001ed00000f030000000000001d440000000000006b0a00fe000000007203000000000000b5000000000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afc0513466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616236fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea01d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a07f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a22048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a126a1bdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0d5d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f10bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b123145ab5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdd491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d00b07862c4fbba468df3e1b393cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52c094016406cdd32abf77fea373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f006694d461b76a58d88cf0f520310a1e80dc18cde98d662eee077515dca8811922929e08538fab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a09313b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f57cbc05cd897f40693ec427ea71578130cde48de3b4dda0c7b615b57ccd4f8ac729a80f891d91a89d967948b9d95b1f22480ab48969e86b854a8c17f3e264ce11f9f63552364e759eec94572f2f7b0e2f293573d0b80709815f4344f908c00"/2646], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r8 = bpf$PROG_LOAD(0x5, &(0x7f0000000100)={0x20, 0x3, &(0x7f00000000c0)=@framed, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2d, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000200)={&(0x7f00000006c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0x28, 0x28, 0x2, [@array={0x0, 0x0, 0x0, 0x3, 0x0, {0x3, 0x1, 0xffffffff}}, @int={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x4}]}}, &(0x7f0000000740)=""/105, 0x42, 0x69, 0x1}, 0x20) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000008c0)={r8, 0x0, 0x14, 0x0, &(0x7f00000006c0)="f6f4e9a1d78ad62ceef1884366a578bb3fb7dbfc", 0x0, 0x0, 0x0, 0x9, 0x0, &(0x7f0000000240)="482eadffffffffffff", 0x0}, 0x50) setsockopt$packet_add_memb(r1, 0x107, 0x1, &(0x7f0000000000)={r3, 0x1, 0x6, @multicast}, 0x10) r9 = socket$nl_route(0x10, 0x3, 0x0) syz_emit_ethernet(0x6e, &(0x7f0000000240)=ANY=[@ANYBLOB="ffffffffffff0180c2000b0086dd6012000800383a00fc010000000000000000000000000000ff0200000000000000000000000000010100007800000000600ad91500002c00ff010000000000000000000000000001fe8000000000000000000000000000040000009000000000"], 0x0) sendmsg$nl_route(r9, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000100)=ANY=[@ANYBLOB="3c00000010000100"/20, @ANYRES32=0x0, @ANYBLOB], 0x3c}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0xd, 0x10, &(0x7f0000000000)=ANY=[@ANYBLOB="18000000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bf8100000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018210000", @ANYRES32=r0, @ANYBLOB="0000000002000000b70500000800000085000000aa00000095"], &(0x7f0000000300)='GPL\x00', 0x9, 0x1002, &(0x7f00000004c0)=""/4098}, 0x90) socket$nl_generic(0x10, 0x3, 0x10) 2.141539618s ago: executing program 0 (id=453): prlimit64(0x0, 0x0, &(0x7f0000000140)={0x8, 0x100008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = getpid() sched_setscheduler(r0, 0x1, &(0x7f0000000100)=0x5) socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000001480)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000380)=@abs={0x0, 0x0, 0x4e24}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000d8ffffffb703000008000000b70400000000925e850000000800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x2, 0x4, 0x6, 0x5}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000001070000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b7080000000013007b8af8ff00000000bfa200000000"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r4}, 0x10) socket$inet6_tcp(0xa, 0x1, 0x0) bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)={0x1b, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0}, 0x48) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdir(&(0x7f0000000040)='./file0\x00', 0x0) close(0xffffffffffffffff) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000040)) r5 = syz_open_dev$usbfs(&(0x7f0000000100), 0x76, 0x101301) ioctl$USBDEVFS_DISCONNECT_CLAIM(r5, 0x8108551b, &(0x7f00000002c0)={0x0, 0x0, "5a77bd318786aeb879ca62cdab2a02fa560186d85b25a5665a3247e500f61681905db88235f8a5447dd2a2ed6e91626f068881e50f68530c2b21a100efb76cba37ff3111d6847e0c7f719e169a596e5fc008daefba68f6222103472bc55704cdb72b4b996ed82ccb1eaae27969d008ba7d34171113d806726615380fe65a6a0a72e19c2b60bd6276fd8bb6363d10f70da60fd53ded01007eb2be010e4a62fb73c33424b437bb192c9d06ea6ed04983fe5c5ca033dfce0a82575ef14eee686be0fc58e384f93a13e4e8bbf599394baea3a9ca1864f0a35d6cc38fca32ad6b39905a9727d2001457df7be7e1aefe3635b2ee97c143f28def4b73905ca14d90d1f6"}) ioctl$USBDEVFS_SUBMITURB(r5, 0x802c550a, &(0x7f0000000540)=@urb_type_iso={0x0, {0x1, 0x1}, 0x5, 0x0, 0x0, 0x0, 0x0, 0xfffffffd, 0x14, 0x0, 0x14000, 0x0, [{0xfff, 0x9, 0x31}, {0x3, 0x6}, {0x72e8798d, 0x9, 0x6}, {0x2, 0x401, 0x5}, {0xffffffff, 0xfffffff8, 0x3}, {0x2, 0x3, 0x2}, {0xfff, 0x5, 0x5}, {0x5, 0x0, 0x65f0}, {0x1000, 0x9, 0x2}, {0x88ea, 0x5, 0x1000}, {0xf9, 0x9, 0xff}, {0x3f, 0x2, 0x8}, {0x8000, 0xe44f7000}, {0x696c, 0xffff256d, 0xc42e}, {0x1000, 0x9, 0x7fff}, {0xb5, 0x800, 0x6}, {0x7, 0x6}, {0x10001}, {0x84e8, 0x200, 0x4}, {0x0, 0xfff}]}) 1.10086095s ago: executing program 0 (id=459): sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000240)=ANY=[@ANYBLOB="00000000000000001c001a8018000a"], 0x3c}}, 0x0) pipe(&(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = openat$ptmx(0xffffffffffffff9c, &(0x7f00000000c0), 0x121301, 0x0) write$binfmt_aout(r1, &(0x7f0000000080)=ANY=[], 0xff2e) ioctl$TCSETS(r1, 0x40045431, &(0x7f0000000100)) r2 = syz_open_pts(r1, 0x0) dup3(r2, r1, 0x0) splice(r1, 0x0, r0, 0x0, 0x3, 0x0) 919.998492ms ago: executing program 1 (id=460): r0 = syz_io_uring_setup(0xf3d, &(0x7f0000000480), &(0x7f0000000080)=0x0, &(0x7f0000000540)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000180)=0xfffffffc, 0x0, 0x4) r3 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000000)='blkio.bfq.io_queued_recursive\x00', 0x275a, 0x0) syz_io_uring_submit(r1, r2, &(0x7f0000000200)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd=r3, 0x0, 0x0}) io_uring_enter(r0, 0x47fa, 0x0, 0x0, 0x0, 0x0) io_uring_enter(r0, 0x4ac6, 0x0, 0x0, 0x0, 0x0) 644.780342ms ago: executing program 1 (id=463): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000280)={{0x14}, [@NFT_MSG_NEWSET={0x58, 0x9, 0xa, 0x801, 0x0, 0x0, {}, [@NFTA_SET_NAME={0x9, 0x2, 'syz0\x00'}, @NFTA_SET_TABLE={0x9, 0x1, 'syz1\x00'}, @NFTA_SET_GC_INTERVAL={0x8}, @NFTA_SET_KEY_LEN={0x8, 0x5, 0x1, 0x0, 0x3d}, @NFTA_SET_FLAGS={0x8, 0x3, 0x1, 0x0, 0x10}, @NFTA_SET_ID={0x8}, @NFTA_SET_TIMEOUT={0xc}]}], {0x14}}, 0x80}}, 0x0) 565.420618ms ago: executing program 1 (id=465): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140100001f000504000200000000000006"], 0x114}], 0x1}, 0x0) 489.582558ms ago: executing program 1 (id=466): r0 = socket$kcm(0x2, 0x922000000001, 0x106) setsockopt$sock_attach_bpf(r0, 0x1, 0x4c, 0x0, 0x0) 489.235896ms ago: executing program 1 (id=468): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000002c0)=ANY=[@ANYBLOB="30000000190001000000000000000000021800000000ff000000000008000100ac1414000c000900080000003e"], 0x30}}, 0x0) 432.13036ms ago: executing program 3 (id=469): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x6, 0xb, &(0x7f0000000040)=ANY=[@ANYBLOB="18000000004f4b000000000000000000180100002020702000000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000fdffffff850000007100000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r0, 0x70000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) 372.092197ms ago: executing program 3 (id=470): open(&(0x7f0000000480)='./file1\x00', 0x64142, 0x0) setxattr$security_ima(&(0x7f0000000000)='./file1\x00', &(0x7f0000000140), &(0x7f0000000400)=@v2={0x3}, 0x9, 0x0) 315.005577ms ago: executing program 3 (id=471): setsockopt$inet6_MCAST_JOIN_GROUP(0xffffffffffffffff, 0x29, 0x6, 0x0, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000180)='pagemap\x00') r1 = syz_open_dev$usbfs(&(0x7f00000000c0), 0x204, 0x0) mmap(&(0x7f000007f000/0x1000)=nil, 0x1000, 0x0, 0x11012, r1, 0x0) pread64(r0, &(0x7f000001a240)=""/102400, 0x19000, 0x100008) 244.937342ms ago: executing program 3 (id=472): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000040), 0xffffffffffffffff) sendmsg$SEG6_CMD_SETHMAC(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)={0x2c, r1, 0x1, 0x0, 0x0, {}, [@SEG6_ATTR_SECRETLEN={0x5}, @SEG6_ATTR_ALGID={0x5}, @SEG6_ATTR_HMACKEYID={0x8, 0x3, 0x6}]}, 0x2c}}, 0x0) 187.506775ms ago: executing program 0 (id=473): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000001ac0)=[{&(0x7f0000000000)=ANY=[@ANYBLOB="140100001f000504000200000000000006"], 0x114}], 0x1}, 0x0) 80.748349ms ago: executing program 3 (id=474): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000000)=0x1, 0x4) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffffffffffffffff, 0x2}, 0x6) recvmmsg(r0, &(0x7f0000000cc0)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 79.299651ms ago: executing program 0 (id=475): r0 = syz_open_dev$video4linux(&(0x7f0000000000), 0xfff, 0x0) ioctl$VIDIOC_SUBDEV_G_SELECTION(r0, 0xc040564a, &(0x7f0000000080)={0x0, 0x0, 0x100}) 75.512326ms ago: executing program 3 (id=476): r0 = socket(0x25, 0x1, 0x0) r1 = epoll_create1(0x0) epoll_ctl$EPOLL_CTL_ADD(r1, 0x1, r0, &(0x7f0000000080)) 0s ago: executing program 0 (id=477): mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x100000a, 0x5d032, 0xffffffffffffffff, 0x0) timer_create(0x0, &(0x7f0000000680)={0x0, 0x21, 0x0, @tid=0xffffffffffffffff}, &(0x7f0000000100)) timer_settime(0x0, 0x0, &(0x7f000006b000)={{0x0, 0x8}, {0x0, 0x9}}, 0x0) r0 = userfaultfd(0x801) ioctl$UFFDIO_API(r0, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(r0, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x4}) ioctl$UFFDIO_COPY(r0, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000582000/0x2000)=nil, 0x800000}) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:65062' (ED25519) to the list of known hosts. [ 47.890678][ T5179] cgroup: Unknown subsys name 'net' [ 48.074354][ T5179] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 49.274890][ T5179] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 49.759997][ T5205] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 49.765596][ T5205] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 49.770351][ T5205] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 49.781417][ T5210] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 49.784647][ T5208] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 49.791078][ T5210] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 49.795536][ T5208] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 49.796043][ T5210] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 49.796497][ T5213] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 49.796885][ T5213] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 49.797205][ T5213] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 49.804779][ T5213] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 49.809197][ T5210] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 49.813256][ T5213] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 49.814810][ T5210] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 49.818003][ T5213] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 49.821053][ T5210] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 49.823681][ T5213] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 49.833183][ T5213] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 49.840837][ T4640] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 49.847002][ T4640] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 49.851750][ T5205] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 49.855954][ T5205] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 49.859994][ T5205] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 50.304550][ T5206] chnl_net:caif_netlink_parms(): no params data found [ 50.333713][ T5203] chnl_net:caif_netlink_parms(): no params data found [ 50.399823][ T5209] chnl_net:caif_netlink_parms(): no params data found [ 50.454001][ T5214] chnl_net:caif_netlink_parms(): no params data found [ 50.685815][ T5206] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.689840][ T5206] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.693200][ T5206] bridge_slave_0: entered allmulticast mode [ 50.697469][ T5206] bridge_slave_0: entered promiscuous mode [ 50.704557][ T5206] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.711394][ T5206] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.714924][ T5206] bridge_slave_1: entered allmulticast mode [ 50.718561][ T5206] bridge_slave_1: entered promiscuous mode [ 50.728723][ T5203] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.732396][ T5203] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.738944][ T5203] bridge_slave_0: entered allmulticast mode [ 50.742932][ T5203] bridge_slave_0: entered promiscuous mode [ 50.811755][ T5203] bridge0: port 2(bridge_slave_1) entered blocking state [ 50.815145][ T5203] bridge0: port 2(bridge_slave_1) entered disabled state [ 50.818189][ T5203] bridge_slave_1: entered allmulticast mode [ 50.821476][ T5203] bridge_slave_1: entered promiscuous mode [ 50.914098][ T5206] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 50.988860][ T5214] bridge0: port 1(bridge_slave_0) entered blocking state [ 50.992192][ T5214] bridge0: port 1(bridge_slave_0) entered disabled state [ 50.996267][ T5214] bridge_slave_0: entered allmulticast mode [ 51.000342][ T5214] bridge_slave_0: entered promiscuous mode [ 51.007059][ T5206] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.055371][ T5203] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.059851][ T5214] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.063212][ T5214] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.066866][ T5214] bridge_slave_1: entered allmulticast mode [ 51.071361][ T5214] bridge_slave_1: entered promiscuous mode [ 51.101784][ T5209] bridge0: port 1(bridge_slave_0) entered blocking state [ 51.104631][ T5209] bridge0: port 1(bridge_slave_0) entered disabled state [ 51.107777][ T5209] bridge_slave_0: entered allmulticast mode [ 51.111738][ T5209] bridge_slave_0: entered promiscuous mode [ 51.116427][ T5209] bridge0: port 2(bridge_slave_1) entered blocking state [ 51.118959][ T5209] bridge0: port 2(bridge_slave_1) entered disabled state [ 51.121471][ T5209] bridge_slave_1: entered allmulticast mode [ 51.125262][ T5209] bridge_slave_1: entered promiscuous mode [ 51.131387][ T5203] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.177955][ T5206] team0: Port device team_slave_0 added [ 51.289409][ T5206] team0: Port device team_slave_1 added [ 51.295528][ T5209] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.303374][ T5203] team0: Port device team_slave_0 added [ 51.308719][ T5214] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 51.335788][ T5209] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.341588][ T5203] team0: Port device team_slave_1 added [ 51.345882][ T5214] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 51.369008][ T5206] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.372109][ T5206] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.384568][ T5206] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.478930][ T5206] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.481782][ T5206] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.492919][ T5206] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.507096][ T5209] team0: Port device team_slave_0 added [ 51.561358][ T5209] team0: Port device team_slave_1 added [ 51.582180][ T5203] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.586039][ T5203] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.597269][ T5203] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.626381][ T5214] team0: Port device team_slave_0 added [ 51.651147][ T5203] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.654072][ T5203] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.666668][ T5203] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.704074][ T5206] hsr_slave_0: entered promiscuous mode [ 51.707642][ T5206] hsr_slave_1: entered promiscuous mode [ 51.715674][ T5214] team0: Port device team_slave_1 added [ 51.719210][ T5209] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.722217][ T5209] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.734151][ T5209] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.742505][ T5209] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.745965][ T5209] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.756826][ T5209] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.851496][ T5214] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 51.854777][ T5214] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.866418][ T5214] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 51.872195][ T5214] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 51.875092][ T5214] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 51.875179][ T5205] Bluetooth: hci2: command tx timeout [ 51.877260][ T5210] Bluetooth: hci1: command tx timeout [ 51.877680][ T5210] Bluetooth: hci0: command tx timeout [ 51.886166][ T5214] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 51.919511][ T5209] hsr_slave_0: entered promiscuous mode [ 51.922820][ T5209] hsr_slave_1: entered promiscuous mode [ 51.926171][ T5209] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 51.929904][ T5209] Cannot create hsr debugfs directory [ 51.956142][ T5205] Bluetooth: hci3: command tx timeout [ 52.048469][ T5203] hsr_slave_0: entered promiscuous mode [ 52.053131][ T5203] hsr_slave_1: entered promiscuous mode [ 52.056299][ T5203] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 52.059309][ T5203] Cannot create hsr debugfs directory [ 52.168623][ T5214] hsr_slave_0: entered promiscuous mode [ 52.173173][ T5214] hsr_slave_1: entered promiscuous mode [ 52.176158][ T5214] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 52.179359][ T5214] Cannot create hsr debugfs directory [ 52.676567][ T5206] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 52.686600][ T5206] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 52.694697][ T5206] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 52.701386][ T5206] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 52.754423][ T5214] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 52.765929][ T5214] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 52.774525][ T5214] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 52.781490][ T5214] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 52.838972][ T5203] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 52.853502][ T5203] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 52.861029][ T5203] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 52.871107][ T5203] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 52.932394][ T5209] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 52.939940][ T5209] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 52.947581][ T5209] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 52.957533][ T5209] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 53.087810][ T5206] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.153198][ T5214] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.179770][ T5203] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.186856][ T5206] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.250303][ T5209] 8021q: adding VLAN 0 to HW filter on device bond0 [ 53.261847][ T56] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.265005][ T56] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.283106][ T56] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.286906][ T56] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.298357][ T5214] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.319600][ T4999] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.323332][ T4999] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.335635][ T5203] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.353242][ T5241] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.356119][ T5241] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.363116][ T5241] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.366709][ T5241] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.398345][ T5209] 8021q: adding VLAN 0 to HW filter on device team0 [ 53.417363][ T1941] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.422608][ T1941] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.463629][ T1941] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.468921][ T1941] bridge0: port 1(bridge_slave_0) entered forwarding state [ 53.478563][ T1941] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.481839][ T1941] bridge0: port 2(bridge_slave_1) entered forwarding state [ 53.571927][ T5209] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 53.577718][ T5209] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 53.696298][ T5206] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.769153][ T5206] veth0_vlan: entered promiscuous mode [ 53.781485][ T5206] veth1_vlan: entered promiscuous mode [ 53.817009][ T5209] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.848252][ T5214] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.858845][ T5203] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 53.884958][ T5206] veth0_macvtap: entered promiscuous mode [ 53.919014][ T5206] veth1_macvtap: entered promiscuous mode [ 53.954036][ T5205] Bluetooth: hci2: command tx timeout [ 53.954718][ T5213] Bluetooth: hci0: command tx timeout [ 53.954731][ T5210] Bluetooth: hci1: command tx timeout [ 53.977967][ T5206] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.001455][ T5206] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.019654][ T5203] veth0_vlan: entered promiscuous mode [ 54.023159][ T5209] veth0_vlan: entered promiscuous mode [ 54.033232][ T5206] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.034552][ T5213] Bluetooth: hci3: command tx timeout [ 54.039226][ T5206] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.043636][ T5206] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.047856][ T5206] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.063513][ T5203] veth1_vlan: entered promiscuous mode [ 54.096059][ T5214] veth0_vlan: entered promiscuous mode [ 54.101418][ T5209] veth1_vlan: entered promiscuous mode [ 54.126703][ T5214] veth1_vlan: entered promiscuous mode [ 54.196689][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.204093][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.222425][ T5209] veth0_macvtap: entered promiscuous mode [ 54.232782][ T5209] veth1_macvtap: entered promiscuous mode [ 54.242213][ T5203] veth0_macvtap: entered promiscuous mode [ 54.261216][ T5203] veth1_macvtap: entered promiscuous mode [ 54.289830][ T1097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.295043][ T5214] veth0_macvtap: entered promiscuous mode [ 54.295107][ T1097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.318218][ T5214] veth1_macvtap: entered promiscuous mode [ 54.324786][ T5209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 54.329628][ T5209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.346253][ T5209] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.362332][ T5209] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 54.367922][ T5209] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.375891][ T5209] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.381080][ T5203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 54.386644][ T5203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.393287][ T5203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 54.398389][ T5203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.409390][ T5203] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.425721][ T5209] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.429649][ T5209] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.433740][ T5209] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.455693][ T5209] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.481413][ T5214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 54.486606][ T5214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.491915][ T5214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 54.497103][ T5214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.501684][ T5214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 54.506015][ T5214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.511011][ T5214] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.515084][ T5203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 54.519540][ T5203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.523265][ T5203] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 54.528421][ T5203] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.533672][ T5203] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.547368][ T5203] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.548893][ T5263] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 54.551226][ T5203] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.560930][ T5203] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.565552][ T5203] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.585704][ T5214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 54.590655][ T5214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.595308][ T5214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 54.599733][ T5214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.603736][ T5214] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 54.612150][ T5214] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 54.620208][ T5214] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.714209][ T5214] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.718867][ T5214] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.723141][ T5214] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.728353][ T5214] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.811831][ T1097] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.823863][ T1097] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.851793][ T13] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.856918][ T13] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.895772][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.898832][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.947611][ T1097] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.953954][ T1097] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.960585][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.965307][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 54.983299][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 54.989579][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.934438][ T5241] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 56.035018][ T5213] Bluetooth: hci2: command tx timeout [ 56.039060][ T5213] Bluetooth: hci0: command tx timeout [ 56.041746][ T5213] Bluetooth: hci1: command tx timeout [ 56.091470][ T5314] fscrypt (sda1, inode 1958): Direct key flag not allowed with different contents and filenames modes [ 56.116829][ T5213] Bluetooth: hci3: command tx timeout [ 56.147427][ T5241] usb 7-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 56.152702][ T5241] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 56.173680][ T5241] usb 7-1: Product: syz [ 56.176079][ T5241] usb 7-1: Manufacturer: syz [ 56.179081][ T5241] usb 7-1: SerialNumber: syz [ 56.192942][ T5241] usb 7-1: config 0 descriptor?? [ 56.308183][ T5323] wireguard: wg2: Could not create IPv4 socket [ 56.424828][ T5241] usb 7-1: USB disconnect, device number 2 [ 56.813689][ T5347] netlink: 8 bytes leftover after parsing attributes in process `syz.1.33'. [ 57.594560][ T5388] fscrypt (sda1, inode 1954): Direct key flag not allowed with different contents and filenames modes [ 58.115890][ T5213] Bluetooth: hci0: command tx timeout [ 58.115897][ T5210] Bluetooth: hci2: command tx timeout [ 58.124412][ T5213] Bluetooth: hci1: command tx timeout [ 58.194480][ T5413] @: renamed from vlan0 (while UP) [ 58.196150][ T5213] Bluetooth: hci3: command tx timeout [ 59.873515][ T5458] netlink: 'syz.3.80': attribute type 3 has an invalid length. [ 60.201340][ T5210] Bluetooth: hci4: unexpected cc 0x0c03 length: 249 > 1 [ 60.209822][ T5210] Bluetooth: hci4: unexpected cc 0x1003 length: 249 > 9 [ 60.216164][ T5210] Bluetooth: hci4: unexpected cc 0x1001 length: 249 > 9 [ 60.230418][ T5210] Bluetooth: hci4: unexpected cc 0x0c23 length: 249 > 4 [ 60.239120][ T5210] Bluetooth: hci4: unexpected cc 0x0c25 length: 249 > 3 [ 60.244572][ T5210] Bluetooth: hci4: unexpected cc 0x0c38 length: 249 > 2 [ 60.494363][ T35] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 60.576166][ T11] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 60.631832][ T5472] chnl_net:caif_netlink_parms(): no params data found [ 60.698274][ T35] usb 6-1: New USB device found, idVendor=1604, idProduct=8001, bcdDevice=44.1f [ 60.702070][ T35] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 60.742675][ T35] usb 6-1: Product: syz [ 60.745304][ T35] usb 6-1: Manufacturer: syz [ 60.747581][ T35] usb 6-1: SerialNumber: syz [ 60.778589][ T35] usb 6-1: config 0 descriptor?? [ 60.858041][ T11] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.010329][ T967] usb 6-1: USB disconnect, device number 2 [ 61.113716][ T11] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.130717][ T5472] bridge0: port 1(bridge_slave_0) entered blocking state [ 61.134999][ T5472] bridge0: port 1(bridge_slave_0) entered disabled state [ 61.138884][ T5472] bridge_slave_0: entered allmulticast mode [ 61.147204][ T5472] bridge_slave_0: entered promiscuous mode [ 61.159719][ T5472] bridge0: port 2(bridge_slave_1) entered blocking state [ 61.167478][ T5472] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.170917][ T5472] bridge_slave_1: entered allmulticast mode [ 61.175496][ T5472] bridge_slave_1: entered promiscuous mode [ 61.215468][ T11] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 61.287310][ T5472] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 61.293248][ T5472] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 61.436471][ T5472] team0: Port device team_slave_0 added [ 61.445066][ T5472] team0: Port device team_slave_1 added [ 61.654699][ T5472] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 61.657736][ T5472] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.672626][ T5472] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 61.703208][ T5472] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 61.707496][ T5472] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 61.720949][ T5472] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 61.851976][ T5472] hsr_slave_0: entered promiscuous mode [ 61.857372][ T5472] hsr_slave_1: entered promiscuous mode [ 61.863397][ T5472] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 61.869226][ T5472] Cannot create hsr debugfs directory [ 61.872308][ T11] bridge_slave_1: left allmulticast mode [ 61.875785][ T11] bridge_slave_1: left promiscuous mode [ 61.879560][ T11] bridge0: port 2(bridge_slave_1) entered disabled state [ 61.893487][ T11] bridge_slave_0: left allmulticast mode [ 61.897457][ T11] bridge_slave_0: left promiscuous mode [ 61.900159][ T11] bridge0: port 1(bridge_slave_0) entered disabled state [ 62.354941][ T5210] Bluetooth: hci4: command tx timeout [ 62.359766][ T11] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 62.373590][ T11] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 62.388677][ T11] bond0 (unregistering): Released all slaves [ 62.564894][ T5542] netlink: 'syz.2.111': attribute type 3 has an invalid length. [ 63.254089][ T5578] binder: 5577:5578 ioctl 4018620d 0 returned -22 [ 63.254565][ T11] hsr_slave_0: left promiscuous mode [ 63.263731][ T5578] binder: 5577:5578 ioctl c0306201 20000380 returned -11 [ 63.273010][ T11] hsr_slave_1: left promiscuous mode [ 63.277964][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 63.281795][ T11] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 63.307219][ T11] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 63.311142][ T11] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 63.404923][ T11] veth1_macvtap: left promiscuous mode [ 63.408152][ T11] veth0_macvtap: left promiscuous mode [ 63.411844][ T11] veth1_vlan: left promiscuous mode [ 63.415678][ T11] veth0_vlan: left promiscuous mode [ 63.427140][ T5210] Bluetooth: Wrong link type (-71) [ 63.674379][ T4999] usb 6-1: new full-speed USB device number 3 using dummy_hcd [ 63.881599][ T4999] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 63.893936][ T4999] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 63.899237][ T4999] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64 [ 63.914198][ T4999] usb 6-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 63.925523][ T4999] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 63.932595][ T4999] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 63.943118][ T4999] usb 6-1: SerialNumber: syz [ 63.982419][ T5584] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 63.990136][ T5584] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 64.006020][ T4999] cdc_acm 6-1:1.0: Control and data interfaces are not separated! [ 64.439670][ T5210] Bluetooth: hci4: command tx timeout [ 65.354536][ T11] team0 (unregistering): Port device team_slave_1 removed [ 65.447462][ T11] team0 (unregistering): Port device team_slave_0 removed [ 66.289781][ T5644] netlink: 72 bytes leftover after parsing attributes in process `syz.2.148'. [ 66.295695][ T4999] cdc_acm 6-1:1.0: ttyACM0: USB ACM device [ 66.299065][ T5644] Zero length message leads to an empty skb [ 66.303291][ T4999] usb 6-1: USB disconnect, device number 3 [ 66.515020][ T5210] Bluetooth: hci4: command tx timeout [ 66.909644][ T5472] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 66.919045][ T5472] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 66.950596][ T5472] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 66.977394][ T5472] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 67.119310][ T5472] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.137387][ T5472] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.172305][ T30] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.177787][ T30] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.191441][ T30] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.195921][ T30] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.492124][ T5472] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.549803][ T5472] veth0_vlan: entered promiscuous mode [ 67.562563][ T5472] veth1_vlan: entered promiscuous mode [ 67.604133][ T5472] veth0_macvtap: entered promiscuous mode [ 67.615987][ T5472] veth1_macvtap: entered promiscuous mode [ 67.638969][ T5472] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.653938][ T5472] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.678056][ T5472] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.682685][ T5472] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.687038][ T5472] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 67.703273][ T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 67.707146][ T5472] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.717380][ T5472] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.736985][ T5472] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.742402][ T5472] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.750791][ T5472] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.759205][ T5472] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.763606][ T5472] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 67.767172][ T5714] process 'syz.1.166' launched './file0' with NULL argv: empty string added [ 67.771842][ T5472] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 67.778251][ T5472] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 67.789193][ T39] audit: type=1804 audit(1719541129.584:2): pid=5713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.165" name="/syzkaller.01Dhxj/48/bus" dev="sda1" ino=1957 res=1 errno=0 [ 67.790977][ T5472] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.814255][ C3] vkms_vblank_simulate: vblank timer overrun [ 67.830650][ T5472] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.835613][ T5472] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.841158][ T5472] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 67.923971][ T8] usb 5-1: Using ep0 maxpacket: 8 [ 67.928513][ T8] usb 5-1: config 0 has an invalid descriptor of length 48, skipping remainder of the config [ 67.939306][ T8] usb 5-1: New USB device found, idVendor=05ac, idProduct=8501, bcdDevice=20.9d [ 67.947919][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=105 [ 67.949471][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 67.951439][ T8] usb 5-1: SerialNumber: syz [ 67.959507][ T39] audit: type=1804 audit(1719541129.764:3): pid=5713 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.165" name="/syzkaller.01Dhxj/48/bus" dev="sda1" ino=1957 res=1 errno=0 [ 67.960297][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 67.971134][ T8] usb 5-1: config 0 descriptor?? [ 68.010973][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.016939][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.051212][ T5719] loop3: detected capacity change from 0 to 524288000 [ 68.268813][ T8] usb 5-1: Found UVC 0.00 device (05ac:8501) [ 68.271681][ T8] usb 5-1: No valid video chain found. [ 68.286994][ T8] usb 5-1: USB disconnect, device number 2 [ 68.594380][ T5210] Bluetooth: hci4: command tx timeout [ 68.934875][ T39] audit: type=1804 audit(1719541130.734:4): pid=5748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.179" name="/syzkaller.01Dhxj/56/bus" dev="sda1" ino=1962 res=1 errno=0 [ 69.078061][ T39] audit: type=1804 audit(1719541130.874:5): pid=5748 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.2.179" name="/syzkaller.01Dhxj/56/bus" dev="sda1" ino=1962 res=1 errno=0 [ 69.409925][ C1] TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies. [ 69.420898][ T5764] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 69.928529][ T5210] Bluetooth: hci2: unexpected subevent 0x01 length: 25 > 18 [ 69.981987][ T5800] warning: `syz.3.204' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 70.047745][ T5803] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 70.536723][ T5820] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 70.731128][ T5831] netlink: 4 bytes leftover after parsing attributes in process `syz.3.216'. [ 70.945175][ T5845] usb usb9: Requested nonsensical USBDEVFS_URB_ZERO_PACKET. [ 71.008416][ T5849] netlink: 4 bytes leftover after parsing attributes in process `syz.0.223'. [ 71.374880][ T5867] netlink: 4 bytes leftover after parsing attributes in process `syz.2.231'. [ 71.509715][ T39] audit: type=1326 audit(1719541133.314:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5873 comm="syz.0.234" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7424579 code=0x0 [ 71.745674][ T5210] Bluetooth: hci2: unexpected event 0x03 length: 4 < 11 [ 71.967334][ T5210] Bluetooth: hci2: command tx timeout [ 72.565419][ T5903] netlink: 4 bytes leftover after parsing attributes in process `syz.1.245'. [ 73.409641][ T5210] Bluetooth: hci1: unexpected event 0x03 length: 4 < 11 [ 73.598606][ T1390] usb 7-1: new full-speed USB device number 3 using dummy_hcd [ 73.796517][ T1390] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 10 [ 73.801173][ T1390] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 512, setting to 64 [ 73.811462][ T1390] usb 7-1: config 1 interface 0 altsetting 0 endpoint 0x3 has invalid maxpacket 576, setting to 64 [ 73.817159][ T1390] usb 7-1: config 1 interface 0 altsetting 0 has 3 endpoint descriptors, different from the interface descriptor's value: 22 [ 73.861393][ T1390] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 73.868690][ T1390] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 73.873390][ T1390] usb 7-1: SerialNumber: syz [ 73.887652][ T5930] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 73.891209][ T5930] raw-gadget.1 gadget.2: fail, usb_ep_enable returned -22 [ 73.900654][ T1390] cdc_acm 7-1:1.0: Control and data interfaces are not separated! [ 74.166750][ T1390] cdc_acm 7-1:1.0: ttyACM0: USB ACM device [ 74.175996][ T1390] usb 7-1: USB disconnect, device number 3 [ 74.425444][ T5210] Bluetooth: hci1: unexpected event 0x03 length: 4 < 11 [ 74.483218][ T5969] netlink: 'syz.1.273': attribute type 2 has an invalid length. [ 74.493885][ T5969] netlink: 'syz.1.273': attribute type 1 has an invalid length. [ 74.497880][ T5969] netlink: 'syz.1.273': attribute type 1 has an invalid length. [ 74.682886][ T5975] usb usb2: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 74.998276][ T5984] netlink: 4 bytes leftover after parsing attributes in process `syz.0.279'. [ 75.449186][ T6011] netlink: 4 bytes leftover after parsing attributes in process `syz.2.289'. [ 75.521548][ T6013] @: renamed from vlan0 (while UP) [ 75.677436][ T39] audit: type=1326 audit(1719541137.474:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6027 comm="syz.1.297" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7443579 code=0x7ffc0000 [ 75.699653][ T39] audit: type=1326 audit(1719541137.474:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6027 comm="syz.1.297" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7443579 code=0x7ffc0000 [ 75.725190][ T39] audit: type=1326 audit(1719541137.494:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6027 comm="syz.1.297" exe="/syz-executor" sig=0 arch=40000003 syscall=383 compat=1 ip=0xf7443579 code=0x7ffc0000 [ 75.753941][ T39] audit: type=1326 audit(1719541137.494:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6027 comm="syz.1.297" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7443579 code=0x7ffc0000 [ 76.294618][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 76.424753][ T0] NOHZ tick-stop error: local softirq work is pending, handler #02!!! [ 76.679962][ T1353] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.682910][ T1353] ieee802154 phy1 wpan1: encryption failed: -22 [ 76.686685][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 77.008264][ T6082] netlink: 'syz.1.318': attribute type 19 has an invalid length. [ 77.327236][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 77.354270][ T6088] sd 0:0:0:0: PR command failed: 1026 [ 77.356979][ T6088] sd 0:0:0:0: Sense Key : Illegal Request [current] [ 77.360128][ T6088] sd 0:0:0:0: Add. Sense: Invalid command operation code [ 77.643393][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 77.647714][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 78.054666][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 78.059768][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 78.135175][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.139005][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 78.165772][ T6122] PKCS7: Unknown OID: [4] 5.25.264.112.81.102.117 [ 78.170564][ T6122] PKCS7: Only support pkcs7_signedData type [ 78.201487][ T6121] netlink: 'syz.0.337': attribute type 1 has an invalid length. [ 78.207763][ T6121] netlink: 9364 bytes leftover after parsing attributes in process `syz.0.337'. [ 78.212871][ T6121] netlink: 'syz.0.337': attribute type 1 has an invalid length. [ 78.533752][ T6135] @: renamed from vlan0 (while UP) [ 78.973933][ T5244] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 79.177471][ T5244] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xFF has an invalid bInterval 255, changing to 11 [ 79.194536][ T5244] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0xFF has invalid maxpacket 59391, setting to 1024 [ 79.199762][ T5244] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 79.213899][ T5244] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 79.220059][ T5244] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 79.237306][ T5244] usb 6-1: config 0 descriptor?? [ 79.240273][ T6139] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 79.512978][ T5210] Bluetooth: hci4: unexpected event 0x03 length: 4 < 11 [ 79.605631][ T6156] can0: slcan on ptm0. [ 79.737185][ T5244] plantronics 0003:047F:FFFF.0002: unknown main item tag 0xd [ 79.743636][ T5244] plantronics 0003:047F:FFFF.0002: No inputs registered, leaving [ 79.773085][ T5244] plantronics 0003:047F:FFFF.0002: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 79.784802][ T6155] can0 (unregistered): slcan off ptm0. [ 80.551015][ T6192] syz.0.362 (pid 6192) is setting deprecated v1 encryption policy; recommend upgrading to v2. [ 80.851089][ T6192] fscrypt: AES-128-CBC-CTS using implementation "cts-cbc-aes-aesni" [ 80.964431][ T6210] binder: 6209:6210 ioctl c0306201 20000580 returned -14 [ 81.096302][ T6192] fscrypt: AES-128-CBC-ESSIV using implementation "essiv(cbc-aes-aesni,sha256-ni)" [ 81.113332][ T39] audit: type=1800 audit(1719541142.914:11): pid=6192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.0.362" name="file0" dev="sda1" ino=1963 res=0 errno=0 [ 81.316388][ T5210] Bluetooth: hci1: unexpected event 0x03 length: 4 < 11 [ 81.808817][ T25] cfg80211: failed to load regulatory.db [ 81.871505][ T1390] usb 6-1: USB disconnect, device number 4 [ 82.007407][ T6230] rtc_cmos 00:05: Alarms can be up to one day in the future [ 82.112376][ T25] rtc_cmos 00:05: Alarms can be up to one day in the future [ 82.117861][ T25] rtc_cmos 00:05: Alarms can be up to one day in the future [ 82.131430][ T25] rtc_cmos 00:05: Alarms can be up to one day in the future [ 82.144940][ T25] rtc_cmos 00:05: Alarms can be up to one day in the future [ 82.148790][ T25] rtc rtc0: __rtc_set_alarm: err=-22 [ 82.340353][ T39] audit: type=1326 audit(1719541144.144:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6254 comm="syz.2.383" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7411579 code=0x0 [ 82.476819][ T6261] kernel profiling enabled (shift: 8) [ 82.541569][ T6262] syz.3.384 uses obsolete (PF_INET,SOCK_PACKET) [ 82.563702][ T6262] netlink: 12 bytes leftover after parsing attributes in process `syz.3.384'. [ 82.572540][ T6262] netlink: 48 bytes leftover after parsing attributes in process `syz.3.384'. [ 82.879624][ T6268] binder: 6267:6268 ioctl c0306201 20000580 returned -14 [ 82.951924][ T5210] Bluetooth: hci3: unexpected event 0x03 length: 4 < 11 [ 83.391893][ T6287] netlink: 277 bytes leftover after parsing attributes in process `syz.0.395'. [ 83.399096][ T6287] netlink: 277 bytes leftover after parsing attributes in process `syz.0.395'. [ 83.405559][ T6287] netlink: 12 bytes leftover after parsing attributes in process `syz.0.395'. [ 83.855647][ T6311] netlink: 277 bytes leftover after parsing attributes in process `syz.0.406'. [ 83.863061][ T6311] netlink: 277 bytes leftover after parsing attributes in process `syz.0.406'. [ 83.876321][ T6311] netlink: 12 bytes leftover after parsing attributes in process `syz.0.406'. [ 83.951294][ T6321] netlink: 'syz.1.411': attribute type 1 has an invalid length. [ 83.973903][ T6321] netlink: 4 bytes leftover after parsing attributes in process `syz.1.411'. [ 84.110820][ T5210] Bluetooth: hci1: unexpected event 0x03 length: 4 < 11 [ 84.217011][ T6335] bond_slave_0: mtu less than device minimum [ 84.272596][ T6335] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 84.383564][ T6342] netlink: 277 bytes leftover after parsing attributes in process `syz.3.421'. [ 84.388205][ T6342] netlink: 277 bytes leftover after parsing attributes in process `syz.3.421'. [ 84.399208][ T6342] netlink: 12 bytes leftover after parsing attributes in process `syz.3.421'. [ 84.944221][ T6364] netlink: 'syz.3.432': attribute type 10 has an invalid length. [ 84.974099][ T6364] batman_adv: batadv0: Adding interface: team0 [ 84.977345][ T6364] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 85.002461][ T6364] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 85.025774][ T6365] netlink: 'syz.3.432': attribute type 10 has an invalid length. [ 85.030441][ T6365] team0: entered promiscuous mode [ 85.032665][ T6365] team_slave_0: entered promiscuous mode [ 85.043046][ T6365] team_slave_1: entered promiscuous mode [ 85.047973][ T6365] 8021q: adding VLAN 0 to HW filter on device team0 [ 85.052117][ T6365] batman_adv: batadv0: Interface activated: team0 [ 85.066352][ T6365] batman_adv: batadv0: Interface deactivated: team0 [ 85.079081][ T6365] batman_adv: batadv0: Removing interface: team0 [ 85.093590][ T6365] bridge0: port 3(team0) entered blocking state [ 85.102583][ T6365] bridge0: port 3(team0) entered disabled state [ 85.105284][ T6365] team0: entered allmulticast mode [ 85.107198][ T6365] team_slave_0: entered allmulticast mode [ 85.109458][ T6365] team_slave_1: entered allmulticast mode [ 85.121633][ T5213] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 85.127745][ T5213] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 85.132943][ T5213] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 85.139632][ T6365] bridge0: port 3(team0) entered blocking state [ 85.139696][ T5213] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 85.143505][ T6365] bridge0: port 3(team0) entered forwarding state [ 85.147785][ T5213] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 85.151983][ T5213] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 85.597125][ T6366] chnl_net:caif_netlink_parms(): no params data found [ 85.839532][ T39] audit: type=1326 audit(1719541147.644:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6382 comm="syz.0.438" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7424579 code=0x0 [ 85.926911][ T63] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.154257][ T63] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.262688][ T6366] bridge0: port 1(bridge_slave_0) entered blocking state [ 86.266885][ T6366] bridge0: port 1(bridge_slave_0) entered disabled state [ 86.270094][ T6366] bridge_slave_0: entered allmulticast mode [ 86.275484][ T6366] bridge_slave_0: entered promiscuous mode [ 86.283480][ T6366] bridge0: port 2(bridge_slave_1) entered blocking state [ 86.289414][ T6366] bridge0: port 2(bridge_slave_1) entered disabled state [ 86.293228][ T6366] bridge_slave_1: entered allmulticast mode [ 86.301979][ T6366] bridge_slave_1: entered promiscuous mode [ 86.353211][ T63] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.473419][ T63] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 86.515368][ T6366] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 86.525582][ T6366] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 86.715110][ T6366] team0: Port device team_slave_0 added [ 86.747199][ T6366] team0: Port device team_slave_1 added [ 86.927913][ T6366] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 86.931160][ T6366] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 86.970673][ T6366] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 86.982775][ T39] audit: type=1800 audit(1719541148.784:14): pid=6408 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.447" name="file1" dev="sda1" ino=1948 res=0 errno=0 [ 86.984403][ T6366] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 87.001556][ T6366] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 87.016543][ T6366] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 87.189795][ T6366] hsr_slave_0: entered promiscuous mode [ 87.193297][ T6366] hsr_slave_1: entered promiscuous mode [ 87.200466][ T6366] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 87.203625][ T6366] Cannot create hsr debugfs directory [ 87.234077][ T5210] Bluetooth: hci0: command tx timeout [ 87.257543][ T6420] team0: entered promiscuous mode [ 87.260677][ T6420] team_slave_0: entered promiscuous mode [ 87.264323][ T6420] team_slave_1: entered promiscuous mode [ 87.344028][ T63] bridge_slave_1: left allmulticast mode [ 87.350765][ T63] bridge_slave_1: left promiscuous mode [ 87.364130][ T63] bridge0: port 2(bridge_slave_1) entered disabled state [ 87.384230][ T63] bridge_slave_0: left allmulticast mode [ 87.386780][ T63] bridge_slave_0: left promiscuous mode [ 87.394262][ T63] bridge0: port 1(bridge_slave_0) entered disabled state [ 87.762357][ T39] audit: type=1800 audit(1719541149.564:15): pid=6432 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.457" name="file1" dev="sda1" ino=1958 res=0 errno=0 [ 88.119233][ T63] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 88.180492][ T63] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 88.199885][ T63] bond0 (unregistering): Released all slaves [ 88.238927][ T6419] team0: left promiscuous mode [ 88.241937][ T6419] team_slave_0: left promiscuous mode [ 88.247415][ T6419] team_slave_1: left promiscuous mode [ 88.387144][ T6442] netlink: 'syz.3.461': attribute type 10 has an invalid length. [ 88.434210][ T6442] __nla_validate_parse: 3 callbacks suppressed [ 88.434226][ T6442] netlink: 209852 bytes leftover after parsing attributes in process `syz.3.461'. [ 88.441130][ T6442] openvswitch: netlink: Key type 29 is not supported [ 88.728278][ T6457] netlink: 256 bytes leftover after parsing attributes in process `syz.1.465'. [ 88.802348][ T63] hsr_slave_0: left promiscuous mode [ 88.810790][ T63] hsr_slave_1: left promiscuous mode [ 88.814790][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 88.818364][ T63] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 88.825619][ T63] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 88.829423][ T63] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 88.873104][ T63] veth1_macvtap: left promiscuous mode [ 88.876156][ T63] veth0_macvtap: left promiscuous mode [ 88.879110][ T63] veth1_vlan: left promiscuous mode [ 88.881618][ T63] veth0_vlan: left promiscuous mode [ 88.931857][ T39] audit: type=1800 audit(1719541150.734:16): pid=6468 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.470" name="file1" dev="sda1" ino=1957 res=0 errno=0 [ 89.150062][ T6474] netlink: 256 bytes leftover after parsing attributes in process `syz.0.473'. [ 89.303830][ C2] ================================================================== [ 89.307297][ C2] BUG: KASAN: stack-out-of-bounds in profile_pc+0x186/0x1a0 [ 89.310942][ C2] Read of size 8 at addr ffffc9000e47fb90 by task syz-executor/5472 [ 89.319235][ C2] [ 89.320882][ C2] CPU: 2 PID: 5472 Comm: syz-executor Not tainted 6.10.0-rc5-syzkaller-00200-g5bbd9b249880 #0 [ 89.323903][ T5210] Bluetooth: hci0: command tx timeout [ 89.325646][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.325657][ C2] Call Trace: [ 89.334413][ C2] [ 89.335678][ C2] dump_stack_lvl+0x116/0x1f0 [ 89.337781][ C2] print_report+0xc3/0x620 [ 89.339970][ C2] ? __virt_addr_valid+0x5e/0x580 [ 89.342549][ C2] kasan_report+0xd9/0x110 [ 89.344704][ C2] ? profile_pc+0x186/0x1a0 [ 89.347321][ C2] ? profile_pc+0x186/0x1a0 [ 89.349868][ C2] ? queued_read_lock_slowpath+0x131/0x2b1 [ 89.352607][ C2] profile_pc+0x186/0x1a0 [ 89.354660][ C2] profile_tick+0xd3/0x140 [ 89.356698][ C2] tick_nohz_handler+0x380/0x530 [ 89.358728][ C2] ? __pfx_tick_nohz_handler+0x10/0x10 [ 89.361000][ C2] __hrtimer_run_queues+0x657/0xcc0 [ 89.363655][ C2] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 89.367802][ C2] ? ktime_get_update_offsets_now+0x201/0x310 [ 89.370815][ C2] hrtimer_interrupt+0x31b/0x800 [ 89.373092][ C2] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 89.375843][ C2] sysvec_apic_timer_interrupt+0x90/0xb0 [ 89.378642][ C2] [ 89.380251][ C2] [ 89.382529][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 89.385909][ C2] RIP: 0010:queued_read_lock_slowpath+0x131/0x2b1 [ 89.389824][ C2] Code: 85 45 01 00 00 8b 03 84 c0 74 36 48 b8 00 00 00 00 00 fc ff df 49 89 de 48 89 dd 49 c1 ee 03 83 e5 07 49 01 c6 83 c5 03 f3 90 <41> 0f b6 06 40 38 c5 7c 08 84 c0 0f 85 1f 01 00 00 8b 03 84 c0 75 [ 89.398430][ C2] RSP: 0018:ffffc9000e47fb88 EFLAGS: 00000286 [ 89.401948][ C2] RAX: 00000000000002ff RBX: ffffffff8d80a080 RCX: ffffffff8adff3cb [ 89.406130][ C2] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff8d80a080 [ 89.410536][ C2] RBP: 0000000000000003 R08: 0000000000000001 R09: fffffbfff1b01410 [ 89.414222][ C2] R10: ffffffff8d80a083 R11: 0000000000000000 R12: 1ffff92001c8ff72 [ 89.417569][ C2] R13: ffffffff8d80a084 R14: fffffbfff1b01410 R15: ffffffff8152a979 [ 89.421000][ C2] ? do_wait+0x1e9/0x570 [ 89.422839][ C2] ? queued_read_lock_slowpath+0xdb/0x2b1 [ 89.424838][ C2] ? queued_read_lock_slowpath+0xdb/0x2b1 [ 89.427612][ C2] ? __pfx_queued_read_lock_slowpath+0x10/0x10 [ 89.431437][ C2] __do_wait+0x105/0x890 [ 89.433538][ C2] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 89.436178][ C2] ? do_wait+0x1e9/0x570 [ 89.437882][ C2] do_wait+0x219/0x570 [ 89.439551][ C2] kernel_wait4+0x16c/0x280 [ 89.441672][ C2] ? __pfx_kernel_wait4+0x10/0x10 [ 89.443817][ C2] ? __pfx_child_wait_callback+0x10/0x10 [ 89.446056][ C2] ? fpu__restore_sig+0x140/0x180 [ 89.448217][ C2] __do_compat_sys_wait4+0x159/0x170 [ 89.450632][ C2] ? __pfx_lock_release+0x10/0x10 [ 89.452799][ C2] ? __pfx___do_compat_sys_wait4+0x10/0x10 [ 89.456029][ C2] ? __do_compat_sys_sigreturn+0x196/0x1f0 [ 89.458972][ C2] ? __pfx___do_compat_sys_sigreturn+0x10/0x10 [ 89.462326][ C2] __do_fast_syscall_32+0x73/0x120 [ 89.464886][ C2] do_fast_syscall_32+0x32/0x80 [ 89.467244][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 89.470265][ C2] RIP: 0023:0xf742b579 [ 89.472490][ C2] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 89.482453][ C2] RSP: 002b:00000000ffd8ff70 EFLAGS: 00000246 ORIG_RAX: 0000000000000072 [ 89.486339][ C2] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00000000ffd90090 [ 89.489610][ C2] RDX: 0000000040000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 89.493203][ C2] RBP: 00000000ffd90090 R08: 0000000000000000 R09: 0000000000000000 [ 89.497105][ C2] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 89.501221][ C2] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 89.504842][ C2] [ 89.506568][ C2] [ 89.507797][ C2] The buggy address belongs to stack of task syz-executor/5472 [ 89.511763][ C2] and is located at offset 0 in frame: [ 89.514515][ C2] queued_read_lock_slowpath+0x0/0x2b1 [ 89.517447][ C2] [ 89.518532][ C2] This frame has 1 object: [ 89.520879][ C2] [32, 36) 'val' [ 89.520890][ C2] [ 89.523993][ C2] The buggy address belongs to the virtual mapping at [ 89.523993][ C2] [ffffc9000e478000, ffffc9000e481000) created by: [ 89.523993][ C2] kernel_clone+0xfd/0x980 [ 89.535493][ C2] [ 89.536587][ C2] The buggy address belongs to the physical page: [ 89.538915][ C2] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x476a9 [ 89.542900][ C2] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 89.545997][ C2] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 89.549942][ C2] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 89.554219][ C2] page dumped because: kasan: bad access detected [ 89.557683][ C2] page_owner tracks the page as allocated [ 89.561223][ C2] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102dc2(GFP_HIGHUSER|__GFP_NOWARN|__GFP_ZERO), pid 5462, tgid 5462 (syz-executor), ts 60182553456, free_ts 60114916760 [ 89.569088][ C2] post_alloc_hook+0x2d1/0x350 [ 89.571158][ C2] get_page_from_freelist+0x1353/0x2e50 [ 89.573472][ C2] __alloc_pages_noprof+0x22b/0x2460 [ 89.575784][ C2] alloc_pages_mpol_noprof+0x275/0x610 [ 89.578276][ C2] __vmalloc_node_range_noprof+0xa6a/0x1520 [ 89.580763][ C2] copy_process+0x29f5/0x6f50 [ 89.582903][ C2] kernel_clone+0xfd/0x980 [ 89.584857][ C2] __do_compat_sys_ia32_clone+0xb7/0x100 [ 89.587183][ C2] __do_fast_syscall_32+0x73/0x120 [ 89.589259][ C2] do_fast_syscall_32+0x32/0x80 [ 89.591385][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 89.594117][ C2] page last free pid 5203 tgid 5203 stack trace: [ 89.597156][ C2] free_unref_page+0x64a/0xe40 [ 89.599014][ C2] vfree+0x181/0x7a0 [ 89.600799][ C2] kcov_put+0x2a/0x40 [ 89.602393][ C2] kcov_close+0x10/0x20 [ 89.604231][ C2] __fput+0x408/0xbb0 [ 89.606493][ C2] task_work_run+0x14e/0x250 [ 89.608566][ C2] do_exit+0xa9b/0x2ba0 [ 89.610376][ C2] do_group_exit+0xd3/0x2a0 [ 89.612406][ C2] get_signal+0x25c3/0x2670 [ 89.614472][ C2] arch_do_signal_or_restart+0x90/0x7e0 [ 89.617279][ C2] syscall_exit_to_user_mode+0x14a/0x2a0 [ 89.619914][ C2] __do_fast_syscall_32+0x80/0x120 [ 89.622216][ C2] do_fast_syscall_32+0x32/0x80 [ 89.624096][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 89.626533][ C2] [ 89.627630][ C2] Memory state around the buggy address: [ 89.630253][ C2] ffffc9000e47fa80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 89.634289][ C2] ffffc9000e47fb00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 89.637725][ C2] >ffffc9000e47fb80: 00 00 f1 f1 f1 f1 04 f3 f3 f3 00 00 00 00 00 00 [ 89.640523][ C2] ^ [ 89.642001][ C2] ffffc9000e47fc00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 89.646257][ C2] ffffc9000e47fc80: 00 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00 00 00 [ 89.649530][ C2] ================================================================== [ 89.653341][ C2] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 89.656845][ C2] CPU: 2 PID: 5472 Comm: syz-executor Not tainted 6.10.0-rc5-syzkaller-00200-g5bbd9b249880 #0 [ 89.662969][ C2] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 89.668376][ C2] Call Trace: [ 89.669966][ C2] [ 89.671265][ C2] dump_stack_lvl+0x3d/0x1f0 [ 89.675261][ C2] panic+0x6f5/0x7a0 [ 89.677630][ C2] ? __pfx_panic+0x10/0x10 [ 89.679902][ C2] ? rcu_is_watching+0x12/0xc0 [ 89.682497][ C2] ? __pfx_lock_release+0x10/0x10 [ 89.685534][ C2] ? check_panic_on_warn+0x1f/0xb0 [ 89.687746][ C2] check_panic_on_warn+0xab/0xb0 [ 89.690170][ C2] end_report+0x117/0x180 [ 89.692965][ C2] kasan_report+0xe9/0x110 [ 89.695476][ C2] ? profile_pc+0x186/0x1a0 [ 89.697641][ C2] ? profile_pc+0x186/0x1a0 [ 89.699730][ C2] ? queued_read_lock_slowpath+0x131/0x2b1 [ 89.702205][ C2] profile_pc+0x186/0x1a0 [ 89.704061][ C2] profile_tick+0xd3/0x140 [ 89.706938][ C2] tick_nohz_handler+0x380/0x530 [ 89.709379][ C2] ? __pfx_tick_nohz_handler+0x10/0x10 [ 89.711981][ C2] __hrtimer_run_queues+0x657/0xcc0 [ 89.714433][ C2] ? __pfx___hrtimer_run_queues+0x10/0x10 [ 89.716952][ C2] ? ktime_get_update_offsets_now+0x201/0x310 [ 89.719565][ C2] hrtimer_interrupt+0x31b/0x800 [ 89.721662][ C2] __sysvec_apic_timer_interrupt+0x10f/0x450 [ 89.724349][ C2] sysvec_apic_timer_interrupt+0x90/0xb0 [ 89.727086][ C2] [ 89.728538][ C2] [ 89.729865][ C2] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 89.732513][ C2] RIP: 0010:queued_read_lock_slowpath+0x131/0x2b1 [ 89.735819][ C2] Code: 85 45 01 00 00 8b 03 84 c0 74 36 48 b8 00 00 00 00 00 fc ff df 49 89 de 48 89 dd 49 c1 ee 03 83 e5 07 49 01 c6 83 c5 03 f3 90 <41> 0f b6 06 40 38 c5 7c 08 84 c0 0f 85 1f 01 00 00 8b 03 84 c0 75 [ 89.744149][ C2] RSP: 0018:ffffc9000e47fb88 EFLAGS: 00000286 [ 89.747216][ C2] RAX: 00000000000002ff RBX: ffffffff8d80a080 RCX: ffffffff8adff3cb [ 89.750754][ C2] RDX: 0000000000000000 RSI: 0000000000000004 RDI: ffffffff8d80a080 [ 89.753768][ C2] RBP: 0000000000000003 R08: 0000000000000001 R09: fffffbfff1b01410 [ 89.757262][ C2] R10: ffffffff8d80a083 R11: 0000000000000000 R12: 1ffff92001c8ff72 [ 89.761216][ C2] R13: ffffffff8d80a084 R14: fffffbfff1b01410 R15: ffffffff8152a979 [ 89.765355][ C2] ? do_wait+0x1e9/0x570 [ 89.767345][ C2] ? queued_read_lock_slowpath+0xdb/0x2b1 [ 89.769819][ C2] ? queued_read_lock_slowpath+0xdb/0x2b1 [ 89.772322][ C2] ? __pfx_queued_read_lock_slowpath+0x10/0x10 [ 89.775024][ C2] __do_wait+0x105/0x890 [ 89.777044][ C2] ? _raw_spin_unlock_irqrestore+0x52/0x80 [ 89.779884][ C2] ? do_wait+0x1e9/0x570 [ 89.781964][ C2] do_wait+0x219/0x570 [ 89.783711][ C2] kernel_wait4+0x16c/0x280 [ 89.785470][ C2] ? __pfx_kernel_wait4+0x10/0x10 [ 89.787582][ C2] ? __pfx_child_wait_callback+0x10/0x10 [ 89.790060][ C2] ? fpu__restore_sig+0x140/0x180 [ 89.792707][ C2] __do_compat_sys_wait4+0x159/0x170 [ 89.795232][ C2] ? __pfx_lock_release+0x10/0x10 [ 89.799046][ C2] ? __pfx___do_compat_sys_wait4+0x10/0x10 [ 89.803339][ C2] ? __do_compat_sys_sigreturn+0x196/0x1f0 [ 89.806339][ C2] ? __pfx___do_compat_sys_sigreturn+0x10/0x10 [ 89.809093][ C2] __do_fast_syscall_32+0x73/0x120 [ 89.811628][ C2] do_fast_syscall_32+0x32/0x80 [ 89.814125][ C2] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 89.817173][ C2] RIP: 0023:0xf742b579 [ 89.819027][ C2] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 89.829267][ C2] RSP: 002b:00000000ffd8ff70 EFLAGS: 00000246 ORIG_RAX: 0000000000000072 [ 89.834132][ C2] RAX: ffffffffffffffda RBX: 00000000ffffffff RCX: 00000000ffd90090 [ 89.837700][ C2] RDX: 0000000040000001 RSI: 0000000000000000 RDI: 0000000000000000 [ 89.842058][ C2] RBP: 00000000ffd90090 R08: 0000000000000000 R09: 0000000000000000 [ 89.845617][ C2] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 89.849177][ C2] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 89.852858][ C2] [ 90.962417][ C2] Shutting down cpus with NMI [ 90.965818][ C2] Kernel Offset: disabled [ 90.967787][ C2] Rebooting in 86400 seconds.. VM DIAGNOSIS: 02:19:11 Registers: info registers vcpu 0 CPU#0 RAX=0000000000002275 RBX=ffff8880247cb780 RCX=1ffffffff1fc4c91 RDX=0000000000000000 RSI=ffffffff8b2cb9e0 RDI=0000000000000001 RBP=ffff8880247cbb80 RSP=ffffc90006f17ce0 R8 =0000000000000001 R9 =0000000000000001 R10=ffffffff8fe2a717 R11=0000000000000000 R12=0000000000000000 R13=0000000000000021 R14=ffff8880247cb780 R15=ffff8880247cb780 RIP=ffffffff8adfcc09 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5d3bcc0 CR3=000000002682c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 EAX=00000556 EBX=00035064 ECX=f7410ff4 EDX=013c8585 ESI=813c8585 EDI=ffffffff EBP=f7449008 ESP=fff226d0 EIP=f7178bc1 EFL=00000206 [-----P-] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA] SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 00000000 ffffffff 00c00000 GS =0063 56776440 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 00000000 ffffffff 00c00000 TR =0040 0004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73df1a4 CR3=000000002682c000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000066 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84f96905 RDI=ffffffff94d5c040 RBP=ffffffff94d5c000 RSP=ffffc90000540868 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=6530303039636652 R12=0000000000000000 R13=0000000000000066 R14=ffffffff84f968a0 R15=0000000000000000 RIP=ffffffff84f9692f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c200000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7449024 CR3=00000000507f6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000004c251 RBX=0000000000000003 RCX=ffffffff8adc2d59 RDX=0000000000000000 RSI=ffffffff8b2cb9e0 RDI=ffffffff8b8fb8e0 RBP=ffffed1002cec488 RSP=ffffc90000497e08 R8 =0000000000000001 R9 =ffffed1005866fdd R10=ffff88802c337eeb R11=0000000000000000 R12=0000000000000003 R13=ffff888016762440 R14=ffffffff8fe2a710 R15=0000000000000000 RIP=ffffffff8adc414f RFL=00000242 [---Z---] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c300000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000020000080 CR3=0000000053cb8000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000