last executing test programs: 4.166749604s ago: executing program 3 (id=107): r0 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r0, 0x29, 0x40, &(0x7f0000000180)=@raw={'raw\x00', 0x4000000, 0x3, 0x2c0, 0x130, 0xffffffff, 0xffffffff, 0x130, 0xffffffff, 0x21c, 0xffffffff, 0xffffffff, 0x21c, 0xffffffff, 0x3, 0x0, {[{{@uncond, 0x0, 0xc8, 0x130, 0x0, {}, [@inet=@rpfilter={{0x24}, {0xae6a55e957cf15c1}}]}, @unspec=@CT2={0x68, 'CT\x00', 0x2, {0x0, 0x0, 0x0, 0x0, 'netbios-ns\x00', 'syz0\x00'}}}, {{@ipv6={@mcast1, @mcast1, [], [], 'lo\x00', 'rose0\x00'}, 0x0, 0xa4, 0xc8}, @common=@inet=@TCPMSS={0x24}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x31c) 4.086945713s ago: executing program 3 (id=110): openat$userio(0xffffffffffffff9c, &(0x7f0000001080), 0x0, 0x0) socket$inet_udp(0x2, 0x2, 0x0) r0 = openat$udambuf(0xffffffffffffff9c, &(0x7f00000000c0), 0x2) r1 = memfd_create(&(0x7f0000000340)='y\x105\xfb\xf7u\x83%:r\xc2\xb9x\xa4q\xc1\xea_\x8cZ7\xe7a\x9b\x11x\x0e\xa1\xcf\x1a\x98S7\xc9\x00\x00\x00\x00\x00\x00\a\x00\x00\x00\x00\x00\x00\x04\x879\xa24\xa9am\xde\xb2\xd3\xcbZJoa\xc4\x1acB\xaa\xc1\xfb Q\xd4\xf4\x01\xa52\xe2DG\xd4\xbd{\x9f\xa9\x97\x9b@\xdb\x00b\xe1br\xb6\x008\xe3\x10\xff\xc2\x9d\r2\x9e\x8e\x04sW\x1b\xb7\xb3\xa2\xc9&@\xca\xda\xdc\xe2/\x97X\xac\b\xb0\xc2<\x80E\x1a\xbc\xc7W\xda9VsA\xaf\xc6\xcf\xe1\xa1\xb5M\xa2\x85\xa6y\xc4J\xf1\xf7\xfcD\x95\xe3\xeb\xc7\xbc\x91\xb0\xa8\x9eo\xebF(\x9dL\x01vRk\xaacB\x04\xa7I\v\x86EZ\x96\xd5\x14OD\\\xe8R\xe4\xcd\xec\xcc\xd1\x0fre\xe86\xcd\xeb\xc4$\x98\x06J\xd6dD\x8d_U`ji{\xab\x97\xaf;l\x1f\xaf\xb38U\xcb\xfa\xb3j\x92\f\x81\xa0\xa2-g\b\x99\x0e\x8d\x8d\x16\xd9w\\\xf8\xce\xb0j\x9d\'\x93\xef\x1d\xa0H\xd9\xbd\xd9\xaf\x12$\x8d\x16%\x8b\x00', 0x3) ftruncate(r1, 0xffff) fcntl$addseals(r1, 0x409, 0x7) r2 = ioctl$UDMABUF_CREATE(r0, 0x40187542, &(0x7f0000000100)={r1, 0x0, 0x0, 0x1000}) fcntl$dupfd(r2, 0x0, r2) openat$capi20(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) pselect6(0x40, &(0x7f00000001c0)={0x300}, 0x0, 0x0, 0x0, 0x0) 4.086732929s ago: executing program 3 (id=111): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000540)={&(0x7f0000002e40)=@newqdisc={0x44, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_gred={{0x9}, {0x14, 0x2, [@TCA_GRED_DPS={0x10, 0x3, {0xa, 0x0, 0x1, 0x5}}]}}]}, 0x44}}, 0x0) 3.955779676s ago: executing program 3 (id=112): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000300)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000004c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffc000/0x2000)=nil, 0x2000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f0000000040)) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000500)={0x4c, 0x0, &(0x7f0000000580)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000380)={0x4c, 0x0, &(0x7f0000000740)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0}) 3.925068425s ago: executing program 3 (id=113): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_TIMEOUT_NEW(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000180)={0x30, 0x3, 0x8, 0x201, 0x0, 0x0, {}, [@CTA_TIMEOUT_DATA={0xc, 0x4, 0x0, 0x1, @fccp=[@CTA_TIMEOUT_DCCP_REQUEST={0x8}]}, @CTA_TIMEOUT_L4PROTO={0x5, 0x3, 0x1}, @CTA_TIMEOUT_L3PROTO={0x6}]}, 0x30}}, 0x0) 3.805296135s ago: executing program 3 (id=115): r0 = openat$userio(0xffffffffffffff9c, &(0x7f0000000080), 0x22242, 0x0) write$USERIO_CMD_SET_PORT_TYPE(r0, &(0x7f0000000040)={0x1, 0x5}, 0x2) write$USERIO_CMD_REGISTER(r0, &(0x7f00000000c0), 0x2) read(r0, &(0x7f0000000100)=""/85, 0x55) write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f0000000000), 0x2) write$USERIO_CMD_SEND_INTERRUPT(r0, &(0x7f0000000180), 0x2) 1.258006869s ago: executing program 2 (id=162): fsetxattr(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0\x00', 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) mount(0x0, &(0x7f0000000040)='./file0\x00', &(0x7f0000000000)='devtmpfs\x00', 0x0, &(0x7f0000000380)='source') mkdirat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000)='./cgroup.net/syz1\x00', 0x1ff) mount$fuse(0x20000000, &(0x7f0000000400)='./file0\x00', 0x0, 0x223216, 0x0) ioctl$sock_SIOCGIFINDEX(0xffffffffffffffff, 0x8933, &(0x7f0000000080)={'veth0_macvtap\x00', 0x0}) ioctl$sock_inet6_SIOCADDRT(0xffffffffffffffff, 0x890b, &(0x7f0000000540)={@rand_addr=' \x01\x00', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @private1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4400046, r0}) r1 = socket$inet_udp(0x2, 0x2, 0x0) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000040)={'wg2\x00', 0x0}) r3 = socket$inet6_mptcp(0xa, 0x1, 0x106) ioctl$sock_inet6_SIOCADDRT(r3, 0x890b, &(0x7f0000000540)={@remote, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02', @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x0, 0x0, 0x0, 0x0, 0x6, r2}) 1.17494738s ago: executing program 2 (id=163): prctl$PR_SCHED_CORE(0x3e, 0x3, 0x0, 0x2, 0x0) getpid() bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = socket$nl_route(0x10, 0x3, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000800)={'bridge0\x00', 0x0}) sendmsg$nl_route(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=@bridge_newvlan={0x24, 0x70, 0x1, 0x0, 0x0, {0x7, 0x0, 0x0, r2}, [@BRIDGE_VLANDB_ENTRY={0xc, 0x1, 0x0, 0x1, @BRIDGE_VLANDB_ENTRY_INFO={0x8, 0x1, {0x43, 0x4}}}]}, 0x24}}, 0x0) socket$inet6_tcp(0xa, 0x1, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000000)) pipe(&(0x7f0000000080)={0xffffffffffffffff}) r4 = gettid() timer_create(0x0, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r4}, &(0x7f00000000c0)) timer_gettime(0x0, &(0x7f0000000180)) timer_settime(0x0, 0x0, &(0x7f0000000080)={{0x0, 0x8}, {0x0, 0x989680}}, 0x0) mount_setattr(r3, &(0x7f0000000240)='./file0\x00', 0x8000, &(0x7f0000000380)={0x0, 0x8, 0x180000}, 0x20) socket$nl_netfilter(0x10, 0x3, 0xc) bind$tipc(0xffffffffffffffff, &(0x7f0000000340)=@nameseq={0x1e, 0x1, 0x3, {0x43}}, 0x10) setsockopt$TIPC_GROUP_JOIN(0xffffffffffffffff, 0x10f, 0x87, &(0x7f0000000100)={0x43, 0x0, 0x3, 0x3}, 0x10) r5 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r5, 0x8933, &(0x7f0000000000)={'veth0_to_batadv\x00'}) r6 = syz_init_net_socket$llc(0x1a, 0x2, 0x0) setsockopt$sock_int(r6, 0x1, 0x3e, &(0x7f0000000140)=0x8, 0x4) sendmmsg$sock(r6, &(0x7f0000001e80)=[{{&(0x7f0000000180)=@pppol2tp, 0x80, 0x0}}], 0x1, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x2, 0x12, 0xffffffffffffffff, 0x0) r7 = userfaultfd(0x801) ioctl$UFFDIO_API(r7, 0xc018aa3f, &(0x7f00000000c0)) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) ioctl$UFFDIO_COPY(r7, 0xc028aa03, &(0x7f0000000080)={&(0x7f0000800000/0x800000)=nil, &(0x7f0000cd5000/0x4000)=nil, 0x800000}) migrate_pages(0x0, 0x4, &(0x7f00000002c0)=0x200000007f, &(0x7f0000000300)=0xa) 789.368508ms ago: executing program 0 (id=170): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) r1 = dup(r0) io_setup(0x19, &(0x7f00000009c0)=0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000002c0)) io_submit(r2, 0x1, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) write$sndseq(r1, &(0x7f0000000440)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}], 0x1c) 539.741508ms ago: executing program 1 (id=174): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x0, 0x0, 0x101, 0x19}}}]}, 0x78}}, 0x0) 474.852417ms ago: executing program 0 (id=175): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f00000022c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8}, @TCA_FQ_CODEL_MEMORY_LIMIT={0x8}]}}]}, 0x48}}, 0x0) sendmmsg$inet(r0, &(0x7f0000006f40)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f00000001c0)="e3", 0x1}], 0x1}}], 0x1, 0x0) 473.27327ms ago: executing program 1 (id=176): r0 = socket$inet(0x10, 0x3, 0x0) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000300)={'bond0\x00', 0x0}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000380)=@newlink={0x4c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x24, 0x12, 0x0, 0x1, @macvlan={{0xc}, {0x14, 0x2, 0x0, 0x1, [@IFLA_MACVLAN_MODE={0x8, 0x1, 0x8}, @IFLA_MACVLAN_MACADDR_MODE={0x8}]}}}, @IFLA_LINK={0x8, 0x5, r1}]}, 0x4c}}, 0x0) 423.025467ms ago: executing program 0 (id=177): mprotect(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x0) pselect6(0x40, &(0x7f00000001c0), 0x0, 0x0, 0x0, 0x0) 421.678489ms ago: executing program 1 (id=178): ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(0xffffffffffffffff, 0x89f1, &(0x7f0000000240)={'syztnl2\x00', 0x0}) keyctl$instantiate(0xc, 0x0, &(0x7f0000000100)=@encrypted_new={'new ', 'default', 0x20, 'user:', 'syz', 0x20, 0xffd}, 0x2a, 0x0) r0 = add_key(&(0x7f0000000140)='encrypted\x00', &(0x7f0000000180), &(0x7f0000000100), 0xca, 0xfffffffffffffffe) keyctl$read(0x1d, r0, &(0x7f0000000240)=""/112, 0x349b7f55) 357.108544ms ago: executing program 0 (id=179): r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='blkio.bfq.io_queued_recursive\x00', 0x26e1, 0x0) capset(&(0x7f0000000080)={0x20071026}, &(0x7f0000000040)) close(r0) socket$inet6_udplite(0xa, 0x2, 0x88) sendmmsg$sock(r0, &(0x7f0000007140)=[{{&(0x7f0000000240)=@in6={0xa, 0x4e21, 0x0, @empty}, 0x80, 0x0}}, {{&(0x7f0000000080)=@in6={0x2, 0x4e24, 0x0, @remote}, 0x80, 0x0, 0x0, &(0x7f0000003700)=[@timestamping={{0x18, 0x1, 0x24}}], 0x18}}], 0x2, 0x0) 356.811794ms ago: executing program 1 (id=180): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000e8ffffff850000000400000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000280)='tlb_flush\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x9, 0x4, 0x8, 0xc}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000006d00000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) 285.155846ms ago: executing program 0 (id=181): openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r0 = openat$fuse(0xffffffffffffff9c, &(0x7f00000000c0), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r0, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) r1 = openat(0xffffffffffffff9c, &(0x7f0000000640)='.\x00', 0x0, 0x0) renameat2(r1, &(0x7f00000001c0)='./file0\x00', r1, &(0x7f0000000200)='./bus\x00', 0x0) getsockopt$inet6_mreq(r1, 0x29, 0x1b, &(0x7f0000000140)={@local}, &(0x7f0000000180)=0x14) r2 = socket$inet(0x2, 0x3, 0x2) setsockopt$inet_mreqsrc(r2, 0x0, 0x27, &(0x7f0000000040)={@multicast2, @local}, 0xc) ioctl$SIOCSIFHWADDR(0xffffffffffffffff, 0x4030582b, &(0x7f0000000280)={'lo\x00', @link_local={0x1, 0x80, 0xc2, 0xc, 0x2}}) setsockopt$inet_msfilter(r2, 0x0, 0x29, &(0x7f0000000280)=ANY=[@ANYBLOB="e0000002ac1414aa0000000003"], 0x1c) r3 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r3, &(0x7f0000000380)={0x2, 0x0, @local}, 0x10) sendto$inet(r3, 0x0, 0x0, 0x2404c7fc, &(0x7f00000028c0)={0x2, 0x0, @multicast2}, 0x10) sendmsg$IEEE802154_LLSEC_LIST_SECLEVEL(0xffffffffffffffff, &(0x7f0000000440)={&(0x7f0000000180), 0xc, &(0x7f0000000400)={&(0x7f00000003c0)={0x14, 0x0, 0x100, 0x70bd2a, 0x25dfdbff, {}, [""]}, 0x14}, 0x1, 0x0, 0x0, 0x4000040}, 0x20004801) r4 = socket$inet(0x2, 0x1, 0x0) setsockopt$inet_mreqn(r4, 0x0, 0x27, &(0x7f0000000100)={@multicast2, @local}, 0xc) socket$nl_generic(0x10, 0x3, 0x10) syz_emit_ethernet(0x36, &(0x7f0000001800)={@link_local, @dev, @void, {@ipv4={0x800, @icmp={{0x5, 0x4, 0x0, 0x0, 0x28, 0x0, 0x0, 0x0, 0x2, 0x0, @empty, @multicast2}, @timestamp_reply={0x11}}}}}, 0x0) 284.795921ms ago: executing program 2 (id=182): r0 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r0, 0x40000000af01, 0x0) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f0000000800)) r1 = socket$packet(0x11, 0x3, 0x300) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$nl_generic(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000180)={&(0x7f00000001c0)={0x14, 0x0, 0x0, 0x0, 0x0, {0x0, 0x7c}}, 0x14}}, 0x0) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f00000001c0)={0x0, 0x0, 0x0, &(0x7f00000003c0)=""/62, 0x0}) r3 = dup(r1) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000000)={0x0, r3}) ioctl$VHOST_NET_SET_BACKEND(r0, 0x4008af30, &(0x7f0000000040)) 179.496543ms ago: executing program 2 (id=183): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x103200, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000640)={0x1e, 0x4, &(0x7f0000000040)=@framed={{}, [@ldst={0x1, 0x0, 0x3, 0x9, 0x1, 0x24}]}, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x24}, 0x80) bpf$BPF_PROG_ATTACH(0x8, &(0x7f0000000740)={@map, r1, 0x24, 0x0, 0xffffffffffffffff, @prog_id}, 0x20) ioctl$TUNSETFILTEREBPF(r0, 0x800454e1, &(0x7f0000000200)=r1) r2 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0x5, 0x4, 0x8, 0x8}, 0x48) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000850000005000000018110000", @ANYRES32=r2, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000001b80)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='kfree\x00', r3}, 0x10) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000240)='cgroup.controllers\x00', 0x26e1, 0x0) 157.232688ms ago: executing program 0 (id=184): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0xa0201, 0x0) r1 = dup(r0) io_setup(0x19, &(0x7f00000009c0)=0x0) ioctl$SNDCTL_DSP_SETFRAGMENT(r0, 0xc004500a, &(0x7f0000000000)) ioctl$SNDCTL_DSP_SPEED(r0, 0xc0045002, &(0x7f00000002c0)) io_submit(r2, 0x1, &(0x7f0000000500)=[&(0x7f0000000200)={0x0, 0x0, 0x0, 0x5, 0x0, r1, 0x0}]) write$sndseq(r1, &(0x7f0000000440)=[{0x0, 0x0, 0x0, 0x0, @time, {}, {}, @time=@time}], 0x1c) 99.66265ms ago: executing program 1 (id=185): r0 = socket(0x10, 0x3, 0x0) r1 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000080)={'ip6tnl0\x00', 0x0}) sendmsg$nl_route_sched(r0, &(0x7f00000007c0)={0x0, 0x0, &(0x7f0000004640)={&(0x7f0000000540)=@newqdisc={0x78, 0x24, 0xf0b, 0x0, 0x0, {0x0, 0x0, 0x0, r2, {}, {0xffff, 0xffff}}, [@qdisc_kind_options=@q_sfq={{0x8}, {0x4c, 0x2, {{}, 0x0, 0x0, 0x0, 0x0, 0x101, 0x19}}}]}, 0x78}}, 0x0) 86.161549ms ago: executing program 2 (id=186): r0 = socket$inet(0x2, 0x4000000000000001, 0x0) bind$inet(r0, &(0x7f0000000080)={0x2, 0x4e23, @multicast1}, 0x10) sendto$inet(r0, 0x0, 0x0, 0x200007fd, &(0x7f0000e68000)={0x2, 0x4e23, @local}, 0x10) r1 = socket(0x10, 0x3, 0x0) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) sendmsg$nl_route_sched(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000c00)={&(0x7f00000022c0)=@newqdisc={0x48, 0x24, 0xd0f, 0x0, 0x0, {0x60, 0x0, 0x0, r3, {}, {0xffff, 0xffff}, {0x5}}, [@qdisc_kind_options=@q_fq_codel={{0xd}, {0x14, 0x2, [@TCA_FQ_CODEL_LIMIT={0x8}, @TCA_FQ_CODEL_MEMORY_LIMIT={0x8}]}}]}, 0x48}}, 0x0) sendmmsg$inet(r0, &(0x7f0000006f40)=[{{0x0, 0x0, &(0x7f00000007c0)=[{&(0x7f00000001c0)="e3", 0x1}], 0x1}}], 0x1, 0x0) 37.06139ms ago: executing program 1 (id=187): openat$userio(0xffffffffffffff9c, &(0x7f0000000000), 0x2002, 0x0) r0 = syz_open_dev$vim2m(&(0x7f00000001c0), 0x0, 0x2) prctl$PR_SCHED_CORE(0x3e, 0x0, 0x0, 0x2, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x11, 0xc, &(0x7f0000000800)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000000850000007000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000004c0)={&(0x7f0000000500)='tlb_flush\x00', r2}, 0x10) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) r3 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r3) sendmsg$NFT_BATCH(0xffffffffffffffff, &(0x7f00000004c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000240)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a"], 0x50}}, 0x0) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r4 = inotify_init1(0x0) fcntl$setown(r4, 0x8, 0xffffffffffffffff) fcntl$getownex(r4, 0x10, &(0x7f0000000140)={0x0, 0x0}) r6 = syz_open_procfs(r5, &(0x7f0000000600)='fd/4\x00') ioctl$EXT4_IOC_GROUP_EXTEND(r6, 0x4030582a, &(0x7f0000000240)) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x10, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x0, 0x0, 0x0) socket$kcm(0x10, 0x0, 0x0) add_key$keyring(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xffffffffffffffff) openat$cdrom(0xffffff9c, &(0x7f0000004d40), 0x0, 0x0) r7 = syz_io_uring_setup(0x82e, &(0x7f0000000300)={0x0, 0x0, 0x200}, &(0x7f0000000100)=0x0, &(0x7f0000000080)=0x0) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$KVM_CAP_EXIT_HYPERCALL(r0, 0x4068aea3, &(0x7f0000000140)={0xc9, 0x0, 0xc}) bpf$PROG_LOAD(0x5, 0x0, 0x0) syz_io_uring_submit(r8, r9, 0x0) io_uring_enter(r7, 0x5b43, 0x0, 0x0, 0x0, 0x0) 0s ago: executing program 2 (id=188): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000f0000150000000000000000180100002020702500000000000f20207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b7030000de000007850000002d00000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f00000003c0)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018120000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000000000000b704000000090000850000004300000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000240)=ANY=[], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r2}, 0x10) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:7917' (ED25519) to the list of known hosts. [ 49.825567][ T5197] cgroup: Unknown subsys name 'net' [ 49.952838][ T5197] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 51.321505][ T5197] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 55.875162][ T5212] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 55.883932][ T5217] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 55.887491][ T5212] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 55.888411][ T5219] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 55.890818][ T5212] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 55.894289][ T5221] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 55.897762][ T5212] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 55.898438][ T5217] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 55.899018][ T5217] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 55.906424][ T5221] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 55.906812][ T5212] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 55.907628][ T5221] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 55.908452][ T5221] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 55.908837][ T5221] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 55.911877][ T5217] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 55.912634][ T5212] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 55.924572][ T5217] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 55.929739][ T5217] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 55.935196][ T5212] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 55.940227][ T5212] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 55.943683][ T5212] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 55.952474][ T5216] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 55.956467][ T5216] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 55.960090][ T5216] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 56.294419][ T5208] chnl_net:caif_netlink_parms(): no params data found [ 56.338185][ T5207] chnl_net:caif_netlink_parms(): no params data found [ 56.355189][ T5215] chnl_net:caif_netlink_parms(): no params data found [ 56.549173][ T5222] chnl_net:caif_netlink_parms(): no params data found [ 56.622291][ T5215] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.625788][ T5215] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.629335][ T5215] bridge_slave_0: entered allmulticast mode [ 56.633792][ T5215] bridge_slave_0: entered promiscuous mode [ 56.665719][ T5208] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.668710][ T5208] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.671576][ T5208] bridge_slave_0: entered allmulticast mode [ 56.675052][ T5208] bridge_slave_0: entered promiscuous mode [ 56.729970][ T5207] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.732427][ T5207] bridge0: port 1(bridge_slave_0) entered disabled state [ 56.735145][ T5207] bridge_slave_0: entered allmulticast mode [ 56.738728][ T5207] bridge_slave_0: entered promiscuous mode [ 56.741771][ T5215] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.744327][ T5215] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.746865][ T5215] bridge_slave_1: entered allmulticast mode [ 56.749745][ T5215] bridge_slave_1: entered promiscuous mode [ 56.752705][ T5208] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.755664][ T5208] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.761526][ T5208] bridge_slave_1: entered allmulticast mode [ 56.765410][ T5208] bridge_slave_1: entered promiscuous mode [ 56.798235][ T5207] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.800804][ T5207] bridge0: port 2(bridge_slave_1) entered disabled state [ 56.803658][ T5207] bridge_slave_1: entered allmulticast mode [ 56.807412][ T5207] bridge_slave_1: entered promiscuous mode [ 56.945868][ T5215] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.956328][ T5208] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.963459][ T5208] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 56.975690][ T5207] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 56.982978][ T5215] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.036177][ T5207] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.118931][ T5208] team0: Port device team_slave_0 added [ 57.153895][ T5222] bridge0: port 1(bridge_slave_0) entered blocking state [ 57.160779][ T5222] bridge0: port 1(bridge_slave_0) entered disabled state [ 57.163950][ T5222] bridge_slave_0: entered allmulticast mode [ 57.168135][ T5222] bridge_slave_0: entered promiscuous mode [ 57.225694][ T5215] team0: Port device team_slave_0 added [ 57.230869][ T5208] team0: Port device team_slave_1 added [ 57.258902][ T5222] bridge0: port 2(bridge_slave_1) entered blocking state [ 57.261876][ T5222] bridge0: port 2(bridge_slave_1) entered disabled state [ 57.264846][ T5222] bridge_slave_1: entered allmulticast mode [ 57.268625][ T5222] bridge_slave_1: entered promiscuous mode [ 57.312050][ T5207] team0: Port device team_slave_0 added [ 57.316612][ T5215] team0: Port device team_slave_1 added [ 57.379265][ T5207] team0: Port device team_slave_1 added [ 57.401143][ T5208] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.404213][ T5208] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.415087][ T5208] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.423137][ T5222] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 57.441681][ T5215] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.444529][ T5215] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.455392][ T5215] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.460200][ T5208] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.463198][ T5208] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.474339][ T5208] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.481641][ T5222] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 57.516665][ T5215] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.519963][ T5215] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.531186][ T5215] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.562848][ T5207] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.565672][ T5207] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.577214][ T5207] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.584525][ T5207] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.587510][ T5207] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.597714][ T5207] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.642731][ T5222] team0: Port device team_slave_0 added [ 57.648265][ T5222] team0: Port device team_slave_1 added [ 57.799941][ T5222] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 57.802636][ T5222] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.812293][ T5222] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 57.822499][ T5208] hsr_slave_0: entered promiscuous mode [ 57.825166][ T5208] hsr_slave_1: entered promiscuous mode [ 57.872564][ T5215] hsr_slave_0: entered promiscuous mode [ 57.875953][ T5215] hsr_slave_1: entered promiscuous mode [ 57.878668][ T5215] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.882083][ T5215] Cannot create hsr debugfs directory [ 57.885124][ T5222] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 57.888371][ T5222] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 57.899023][ T5222] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 57.913300][ T5207] hsr_slave_0: entered promiscuous mode [ 57.915855][ T5207] hsr_slave_1: entered promiscuous mode [ 57.922054][ T5207] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 57.925158][ T5207] Cannot create hsr debugfs directory [ 57.936892][ T5216] Bluetooth: hci2: command tx timeout [ 58.006760][ T4650] Bluetooth: hci1: command tx timeout [ 58.006796][ T5212] Bluetooth: hci0: command tx timeout [ 58.009361][ T5216] Bluetooth: hci3: command tx timeout [ 58.121111][ T5222] hsr_slave_0: entered promiscuous mode [ 58.124470][ T5222] hsr_slave_1: entered promiscuous mode [ 58.127687][ T5222] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 58.131104][ T5222] Cannot create hsr debugfs directory [ 58.474782][ T5207] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 58.485849][ T5207] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 58.493080][ T5207] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 58.501210][ T5207] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 58.555288][ T5208] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 58.564418][ T5208] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 58.581841][ T5208] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 58.593744][ T5208] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 58.656231][ T5215] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 58.662696][ T5215] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 58.671996][ T5215] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 58.680675][ T5215] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 58.746442][ T5222] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 58.750970][ T5222] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 58.763166][ T5222] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 58.786765][ T5222] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 58.807475][ T5207] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.851488][ T5207] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.874309][ T57] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.877672][ T57] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.889874][ T5215] 8021q: adding VLAN 0 to HW filter on device bond0 [ 58.904395][ T57] bridge0: port 2(bridge_slave_1) entered blocking state [ 58.907391][ T57] bridge0: port 2(bridge_slave_1) entered forwarding state [ 58.955992][ T5215] 8021q: adding VLAN 0 to HW filter on device team0 [ 58.974645][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 58.977374][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 58.993074][ T5208] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.002855][ T10] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.005817][ T10] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.060726][ T5208] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.093107][ T10] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.096137][ T10] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.108593][ T5222] 8021q: adding VLAN 0 to HW filter on device bond0 [ 59.127390][ T5222] 8021q: adding VLAN 0 to HW filter on device team0 [ 59.135585][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.139678][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.175437][ T5208] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 59.179202][ T5208] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 59.188569][ T59] bridge0: port 1(bridge_slave_0) entered blocking state [ 59.191449][ T59] bridge0: port 1(bridge_slave_0) entered forwarding state [ 59.201715][ T59] bridge0: port 2(bridge_slave_1) entered blocking state [ 59.204743][ T59] bridge0: port 2(bridge_slave_1) entered forwarding state [ 59.271853][ T5222] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 59.276515][ T5222] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 59.362915][ T5215] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.368745][ T5207] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.442083][ T5207] veth0_vlan: entered promiscuous mode [ 59.460004][ T5208] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.468513][ T5215] veth0_vlan: entered promiscuous mode [ 59.474661][ T5207] veth1_vlan: entered promiscuous mode [ 59.482425][ T5215] veth1_vlan: entered promiscuous mode [ 59.533726][ T5222] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 59.539144][ T5207] veth0_macvtap: entered promiscuous mode [ 59.559922][ T5208] veth0_vlan: entered promiscuous mode [ 59.563337][ T5207] veth1_macvtap: entered promiscuous mode [ 59.586681][ T5215] veth0_macvtap: entered promiscuous mode [ 59.597244][ T5215] veth1_macvtap: entered promiscuous mode [ 59.612400][ T5208] veth1_vlan: entered promiscuous mode [ 59.631875][ T5207] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.654918][ T5207] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.673171][ T5207] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.677100][ T5207] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.680280][ T5207] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.683842][ T5207] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.692349][ T5215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.697178][ T5215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.702580][ T5215] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 59.719472][ T5215] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 59.723408][ T5215] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.727930][ T5215] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 59.754164][ T5222] veth0_vlan: entered promiscuous mode [ 59.759366][ T5215] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.762306][ T5215] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.765349][ T5215] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.769146][ T5215] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 59.787614][ T5208] veth0_macvtap: entered promiscuous mode [ 59.814043][ T5222] veth1_vlan: entered promiscuous mode [ 59.845513][ T5208] veth1_macvtap: entered promiscuous mode [ 59.897661][ T65] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.901138][ T65] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.955305][ T5222] veth0_macvtap: entered promiscuous mode [ 59.960773][ T1184] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 59.964110][ T1184] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 59.969887][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.974654][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.979099][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 59.983725][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 59.990208][ T5208] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.001229][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.005600][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.011079][ T5208] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.015444][ T5208] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.018111][ T5216] Bluetooth: hci2: command tx timeout [ 60.022324][ T5208] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.036248][ T1184] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.036775][ T5222] veth1_macvtap: entered promiscuous mode [ 60.039531][ T1184] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.053715][ T5208] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.057686][ T5208] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.061462][ T5208] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.064942][ T5208] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.086264][ T5216] Bluetooth: hci0: command tx timeout [ 60.088558][ T5212] Bluetooth: hci3: command tx timeout [ 60.090380][ T5212] Bluetooth: hci1: command tx timeout [ 60.103212][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.108055][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.112134][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.116920][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.120938][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 60.125290][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.132955][ T5222] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 60.148395][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.151307][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.152782][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.158404][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.162390][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.166819][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.170900][ T5222] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 60.175337][ T5222] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 60.183401][ T5222] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 60.205027][ T5222] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.209299][ T5222] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.212978][ T5222] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.217021][ T5222] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 60.324267][ T1088] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.336428][ T1088] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.373997][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.377341][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.404694][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.415321][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 60.514304][ T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 60.518943][ T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 61.936310][ T5350] input: syz1 as /devices/virtual/input/input5 [ 62.086320][ T4650] Bluetooth: hci2: command tx timeout [ 62.174119][ T4650] Bluetooth: hci0: command tx timeout [ 62.174221][ T5212] Bluetooth: hci3: command tx timeout [ 62.179597][ T5216] Bluetooth: hci1: command tx timeout [ 62.744245][ T39] audit: type=1326 audit(1721280138.635:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5377 comm="syz.0.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x50000 [ 62.756195][ T39] audit: type=1326 audit(1721280138.635:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5377 comm="syz.0.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x50000 [ 62.765098][ T39] audit: type=1326 audit(1721280138.635:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5377 comm="syz.0.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x50000 [ 62.774760][ T39] audit: type=1326 audit(1721280138.635:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5377 comm="syz.0.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x50000 [ 62.790930][ T39] audit: type=1326 audit(1721280138.635:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5377 comm="syz.0.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x50000 [ 62.800490][ T39] audit: type=1326 audit(1721280138.635:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5377 comm="syz.0.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x50000 [ 62.810688][ T39] audit: type=1326 audit(1721280138.635:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5377 comm="syz.0.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x50000 [ 62.816213][ T5252] psmouse serio2: Failed to reset mouse on : -5 [ 62.820220][ T39] audit: type=1326 audit(1721280138.635:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5377 comm="syz.0.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x50000 [ 62.837501][ T39] audit: type=1326 audit(1721280138.635:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5377 comm="syz.0.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x50000 [ 62.859313][ T39] audit: type=1326 audit(1721280138.635:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=5377 comm="syz.0.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x50000 [ 64.167016][ T5212] Bluetooth: hci2: command tx timeout [ 64.247453][ T5212] Bluetooth: hci3: command tx timeout [ 64.250000][ T5212] Bluetooth: hci1: command tx timeout [ 64.256180][ T5212] Bluetooth: hci0: command tx timeout [ 66.272962][ T5428] raw_sendmsg: syz.0.71 forgot to set AF_INET. Fix it! [ 66.433594][ T5435] syz.1.74 uses obsolete (PF_INET,SOCK_PACKET) [ 66.629455][ T5252] misc userio: Buffer overflowed, userio client isn't keeping up [ 66.965348][ T5468] ip6t_rpfilter: unknown options [ 67.462376][ T5483] syz.2.92: attempt to access beyond end of device [ 67.462376][ T5483] loop2: rw=0, sector=0, nr_sectors = 8 limit=0 [ 67.468644][ T5483] F2FS-fs (loop2): Unable to read 1th superblock [ 67.472313][ T5483] syz.2.92: attempt to access beyond end of device [ 67.472313][ T5483] loop2: rw=0, sector=8, nr_sectors = 8 limit=0 [ 67.481225][ T5483] F2FS-fs (loop2): Unable to read 2th superblock [ 67.627972][ T5494] ip6t_rpfilter: unknown options [ 67.711447][ T5252] input: PS/2 Generic Mouse as /devices/serio2/input/input6 [ 67.946361][ T5252] psmouse serio2: Failed to enable mouse on [ 68.087955][ T5519] ip6t_rpfilter: unknown options [ 68.257509][ T5528] syz.1.108: attempt to access beyond end of device [ 68.257509][ T5528] loop1: rw=0, sector=0, nr_sectors = 8 limit=0 [ 68.265462][ T5528] F2FS-fs (loop1): Unable to read 1th superblock [ 68.296310][ T5528] syz.1.108: attempt to access beyond end of device [ 68.296310][ T5528] loop1: rw=0, sector=8, nr_sectors = 8 limit=0 [ 68.303335][ T5528] F2FS-fs (loop1): Unable to read 2th superblock [ 68.466295][ T814] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 68.646211][ T59] psmouse serio3: Failed to reset mouse on : -5 [ 68.687071][ T814] usb 7-1: config index 0 descriptor too short (expected 68, got 36) [ 68.691964][ T814] usb 7-1: config 0 has an invalid descriptor of length 131, skipping remainder of the config [ 68.696647][ T814] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 68.700500][ T814] usb 7-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 68.707857][ T5552] ip6t_rpfilter: unknown options [ 68.708245][ T814] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 68.717765][ T814] usb 7-1: config 0 descriptor?? [ 69.030599][ T5212] Bluetooth: hci2: Unknown advertising packet type: 0x70 [ 69.030673][ T5212] Bluetooth: hci2: adv larger than maximum supported [ 69.034075][ T5212] Bluetooth: hci2: Malformed LE Event: 0x0d [ 69.126366][ T30] usb 7-1: USB disconnect, device number 2 [ 69.131226][ T5576] ip6t_rpfilter: unknown options [ 70.316157][ T35] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 70.343582][ T5644] syz.0.155: attempt to access beyond end of device [ 70.343582][ T5644] nbd0: rw=0, sector=2, nr_sectors = 1 limit=0 [ 70.501610][ T35] usb 6-1: config index 0 descriptor too short (expected 68, got 36) [ 70.509583][ T35] usb 6-1: config 0 has an invalid descriptor of length 131, skipping remainder of the config [ 70.514543][ T35] usb 6-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 70.518627][ T35] usb 6-1: New USB device found, idVendor=06cb, idProduct=81a7, bcdDevice= 0.00 [ 70.522754][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.530197][ T35] usb 6-1: config 0 descriptor?? [ 70.656683][ C2] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 70.854120][ T5212] Bluetooth: hci0: Unknown advertising packet type: 0x70 [ 70.854179][ T5212] Bluetooth: hci0: adv larger than maximum supported [ 70.860747][ T5212] Bluetooth: hci0: Malformed LE Event: 0x0d [ 70.923316][ T30] usb 6-1: USB disconnect, device number 2 [ 71.023612][ T5660] Non-string source [ 71.286851][ C1] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 71.576110][ T5680] Non-string source [ 71.890226][ T5694] capability: warning: `syz.0.179' uses deprecated v2 capabilities in a way that may be insecure [ 71.899797][ T5694] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 71.927286][ C0] GRED: Unable to relocate VQ 0x0 after dequeue, screwing up backlog [ 72.351192][ C1] [ 72.352344][ C1] ================================ [ 72.354744][ C1] WARNING: inconsistent lock state [ 72.357125][ C1] 6.10.0-syzkaller-05505-gb1bc554e009e #0 Not tainted [ 72.362147][ C1] -------------------------------- [ 72.364442][ C1] inconsistent {HARDIRQ-ON-W} -> {IN-HARDIRQ-W} usage. [ 72.370570][ C1] syz.1.187/5715 [HC1[1]:SC0[0]:HE0:SE1] takes: [ 72.373632][ C1] ffff88802c138aa0 (lock#13){?.+.}-{2:2}, at: __mmap_lock_do_trace_acquire_returned+0x7f/0x790 [ 72.378331][ C1] {HARDIRQ-ON-W} state was registered at: [ 72.380955][ C1] lock_acquire+0x1b1/0x560 [ 72.382949][ C1] __mmap_lock_do_trace_acquire_returned+0x97/0x790 [ 72.385774][ C1] lock_mm_and_find_vma+0xeb/0x6a0 [ 72.387999][ C1] do_user_addr_fault+0x2b5/0x13f0 [ 72.390206][ C1] exc_page_fault+0x5c/0xc0 [ 72.392110][ C1] asm_exc_page_fault+0x26/0x30 [ 72.394380][ C1] _copy_to_iter+0x48f/0xfc0 [ 72.396602][ C1] copy_page_to_iter+0xf1/0x180 [ 72.398854][ C1] process_vm_rw_core.constprop.0+0x5c9/0xa10 [ 72.401630][ C1] process_vm_rw+0x301/0x360 [ 72.403785][ C1] __ia32_sys_process_vm_readv+0xdf/0x1b0 [ 72.406396][ C1] __do_fast_syscall_32+0x73/0x120 [ 72.408733][ C1] do_fast_syscall_32+0x32/0x80 [ 72.411136][ C1] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 72.414026][ C1] irq event stamp: 1268 [ 72.415877][ C1] hardirqs last enabled at (1267): [] _raw_spin_unlock_irqrestore+0x52/0x80 [ 72.420427][ C1] hardirqs last disabled at (1268): [] sysvec_call_function_single+0xe/0xb0 [ 72.424726][ C1] softirqs last enabled at (0): [] copy_process+0x1ee0/0x6f50 [ 72.427836][ C1] softirqs last disabled at (0): [<0000000000000000>] 0x0 [ 72.430621][ C1] [ 72.430621][ C1] other info that might help us debug this: [ 72.434160][ C1] Possible unsafe locking scenario: [ 72.434160][ C1] [ 72.437403][ C1] CPU0 [ 72.438917][ C1] ---- [ 72.440417][ C1] lock(lock#13); [ 72.442144][ C1] [ 72.443688][ C1] lock(lock#13); [ 72.445465][ C1] [ 72.445465][ C1] *** DEADLOCK *** [ 72.445465][ C1] [ 72.448665][ C1] 7 locks held by syz.1.187/5715: [ 72.450633][ C1] #0: ffff88801ddf8420 (sb_writers#4){.+.+}-{0:0}, at: ioctl_preallocate+0x1a8/0x220 [ 72.454356][ C1] #1: ffff88802a41d3b8 (&sb->s_type->i_mutex_key#8){++++}-{3:3}, at: ext4_fallocate+0x342/0x3f60 [ 72.458398][ C1] #2: ffff88801d7f4950 (jbd2_handle){.+.+}-{0:0}, at: start_this_handle+0x10db/0x15e0 [ 72.462353][ C1] #3: ffff88802a41d248 (&ei->i_data_sem){++++}-{3:3}, at: ext4_map_blocks+0x5ab/0x17d0 [ 72.466612][ C1] #4: ffff88802c137fa0 (lock#4){+.+.}-{2:2}, at: folio_add_lru+0x298/0x7f0 [ 72.470450][ C1] #5: ffffffff8dbb4e60 (rcu_read_lock){....}-{1:2}, at: bpf_trace_run2+0x1c2/0x590 [ 72.474633][ C1] #6: ffff888025c54418 (&mm->mmap_lock){++++}-{3:3}, at: stack_map_get_build_id_offset+0x28a/0x760 [ 72.479477][ C1] [ 72.479477][ C1] stack backtrace: [ 72.482134][ C1] CPU: 1 PID: 5715 Comm: syz.1.187 Not tainted 6.10.0-syzkaller-05505-gb1bc554e009e #0 [ 72.486187][ C1] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 72.490348][ C1] Call Trace: [ 72.491866][ C1] [ 72.493337][ C1] dump_stack_lvl+0x116/0x1f0 [ 72.495958][ C1] mark_lock+0x923/0xc60 [ 72.498158][ C1] ? __pfx_mark_lock+0x10/0x10 [ 72.500217][ C1] ? mark_lock+0xb5/0xc60 [ 72.502140][ C1] ? __pfx_mark_lock+0x10/0x10 [ 72.504155][ C1] ? __pfx_mark_lock+0x10/0x10 [ 72.506213][ C1] ? hlock_class+0x4e/0x130 [ 72.508122][ C1] ? hlock_class+0x4e/0x130 [ 72.510154][ C1] ? hlock_class+0x4e/0x130 [ 72.512133][ C1] ? __lock_acquire+0xc5d/0x3b30 [ 72.514197][ C1] __lock_acquire+0x1359/0x3b30 [ 72.516478][ C1] ? mark_lock+0x92/0xc60 [ 72.518411][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 72.520651][ C1] ? lock_acquire+0x1b1/0x560 [ 72.522689][ C1] lock_acquire+0x1b1/0x560 [ 72.524855][ C1] ? __mmap_lock_do_trace_acquire_returned+0x7f/0x790 [ 72.527880][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 72.530215][ C1] ? get_segment_base+0x1c6/0x270 [ 72.532267][ C1] ? perf_callchain_user+0x534/0xa20 [ 72.534328][ C1] ? down_read_trylock+0x1ed/0x3f0 [ 72.536251][ C1] ? stack_map_get_build_id_offset+0x28a/0x760 [ 72.538637][ C1] __mmap_lock_do_trace_acquire_returned+0x97/0x790 [ 72.541346][ C1] ? __mmap_lock_do_trace_acquire_returned+0x7f/0x790 [ 72.544154][ C1] stack_map_get_build_id_offset+0x602/0x760 [ 72.546768][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 72.548975][ C1] ? exc_page_fault+0x34/0xc0 [ 72.550856][ C1] __bpf_get_stack+0x68a/0x710 [ 72.552978][ C1] ? __pfx___bpf_get_stack+0x10/0x10 [ 72.555390][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 72.557545][ C1] ? bpf_trace_run2+0x266/0x590 [ 72.559629][ C1] ? __pfx_lock_release+0x10/0x10 [ 72.561743][ C1] bpf_get_stack_raw_tp+0x124/0x160 [ 72.563807][ C1] bpf_prog_ec3b2eefa702d8d3+0x42/0x46 [ 72.565956][ C1] bpf_trace_run2+0x231/0x590 [ 72.567878][ C1] ? __pfx_bpf_trace_run2+0x10/0x10 [ 72.570148][ C1] ? group_send_sig_info+0x124/0x300 [ 72.571990][ C1] ? __pfx___bpf_trace_tlb_flush+0x10/0x10 [ 72.574211][ C1] ? __pfx_flush_tlb_func+0x10/0x10 [ 72.576541][ C1] __traceiter_tlb_flush+0x64/0xb0 [ 72.578837][ C1] trace_tlb_flush+0xf3/0x170 [ 72.580737][ C1] __flush_smp_call_function_queue+0x27a/0x8c0 [ 72.583260][ C1] __sysvec_call_function_single+0x8c/0x410 [ 72.585640][ C1] sysvec_call_function_single+0x90/0xb0 [ 72.587669][ C1] [ 72.588828][ C1] [ 72.589881][ C1] asm_sysvec_call_function_single+0x1a/0x20 [ 72.592328][ C1] RIP: 0010:_raw_spin_unlock_irqrestore+0x31/0x80 [ 72.594960][ C1] Code: f5 53 48 8b 74 24 10 48 89 fb 48 83 c7 18 e8 46 78 87 f6 48 89 df e8 0e f5 87 f6 f7 c5 00 02 00 00 75 23 9c 58 f6 c4 02 75 37 01 00 00 00 e8 d5 73 79 f6 65 8b 05 d6 a8 1e 75 85 c0 74 16 5b [ 72.602538][ C1] RSP: 0018:ffffc90006d3ee40 EFLAGS: 00000246 [ 72.605129][ C1] RAX: 0000000000000006 RBX: ffff8880545b4050 RCX: 1ffffffff2849a92 [ 72.608478][ C1] RDX: 0000000000000000 RSI: ffffffff8b2cc020 RDI: ffffffff8b902d40 [ 72.611824][ C1] RBP: 0000000000000246 R08: 0000000000000001 R09: fffffbfff284506b [ 72.614885][ C1] R10: ffffffff9422835f R11: 0000000000000006 R12: 000000000000001d [ 72.617520][ C1] R13: dffffc0000000000 R14: ffff88802c137fd0 R15: ffff88802c1380c0 [ 72.620565][ C1] folio_batch_move_lru+0x21d/0x400 [ 72.622795][ C1] ? __pfx_lru_add_fn+0x10/0x10 [ 72.624680][ C1] ? __pfx_folio_batch_move_lru+0x10/0x10 [ 72.627073][ C1] ? __pfx___filemap_add_folio+0x10/0x10 [ 72.629415][ C1] ? __pfx_lru_add_fn+0x10/0x10 [ 72.631336][ C1] folio_batch_add_and_move+0xe5/0x160 [ 72.633536][ C1] folio_add_lru+0x37d/0x7f0 [ 72.635515][ C1] filemap_add_folio+0x1bd/0x220 [ 72.637518][ C1] ? __pfx_filemap_add_folio+0x10/0x10 [ 72.639671][ C1] __filemap_get_folio+0x474/0xae0 [ 72.642035][ C1] ext4_mb_load_buddy_gfp+0x3c0/0xe90 [ 72.644247][ C1] ext4_mb_find_by_goal+0x23b/0xd90 [ 72.646455][ C1] ? kasan_save_stack+0x42/0x60 [ 72.648451][ C1] ? __pfx_ext4_mb_find_by_goal+0x10/0x10 [ 72.650881][ C1] ? vfs_fallocate+0x4ca/0xfc0 [ 72.653347][ C1] ? __do_compat_sys_ioctl+0x149/0x330 [ 72.656546][ C1] ? __do_fast_syscall_32+0x73/0x120 [ 72.658846][ C1] ? do_fast_syscall_32+0x32/0x80 [ 72.661121][ C1] ? entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 72.664791][ C1] ext4_mb_regular_allocator+0x23f/0x3f60 [ 72.667467][ C1] ? __pfx_ext4_mb_regular_allocator+0x10/0x10 [ 72.670306][ C1] ? trace_kmem_cache_alloc+0x2d/0xe0 [ 72.672734][ C1] ? kmem_cache_alloc_noprof+0x174/0x2f0 [ 72.675541][ C1] ? ext4_mb_new_blocks+0x2769/0x4e40 [ 72.678243][ C1] ext4_mb_new_blocks+0x2830/0x4e40 [ 72.681072][ C1] ? ext4_cache_extents+0x148/0x2d0 [ 72.683788][ C1] ? __pfx_ext4_mb_new_blocks+0x10/0x10 [ 72.686730][ C1] ? ext4_ext_search_right+0x2c7/0xb80 [ 72.690093][ C1] ext4_ext_map_blocks+0x1c24/0x5cd0 [ 72.691934][ C1] ? kasan_save_stack+0x42/0x60 [ 72.693756][ C1] ? __pfx___lock_acquire+0x10/0x10 [ 72.695802][ C1] ? __pfx_mark_lock+0x10/0x10 [ 72.697837][ C1] ? __pfx_ext4_ext_map_blocks+0x10/0x10 [ 72.700214][ C1] ? __pfx_lock_acquire+0x10/0x10 [ 72.702151][ C1] ? __pfx___might_resched+0x10/0x10 [ 72.704176][ C1] ? lockdep_hardirqs_on+0x7c/0x110 [ 72.706148][ C1] ? __pfx_down_write+0x10/0x10 [ 72.708117][ C1] ext4_map_blocks+0x61d/0x17d0 [ 72.710182][ C1] ? trace_jbd2_handle_start+0x1b4/0x240 [ 72.712551][ C1] ? __pfx_ext4_map_blocks+0x10/0x10 [ 72.714819][ C1] ? __ext4_journal_start_sb+0x358/0x660 [ 72.717086][ C1] ? __ext4_journal_start_sb+0x206/0x660 [ 72.719337][ C1] ? ext4_alloc_file_blocks.isra.0+0x2a0/0xba0 [ 72.721842][ C1] ext4_alloc_file_blocks.isra.0+0x2dc/0xba0 [ 72.724117][ C1] ? __pfx_ext4_alloc_file_blocks.isra.0+0x10/0x10 [ 72.726748][ C1] ? rcu_is_watching+0x12/0xc0 [ 72.728716][ C1] ? generic_update_time+0xcf/0xf0 [ 72.730692][ C1] ? mnt_put_write_access_file+0x45/0xf0 [ 72.732881][ C1] ext4_fallocate+0x4dc/0x3f60 [ 72.734911][ C1] ? __pfx_ext4_fallocate+0x10/0x10 [ 72.737070][ C1] ? __pfx_ext4_fallocate+0x10/0x10 [ 72.739405][ C1] vfs_fallocate+0x4ca/0xfc0 [ 72.741249][ C1] ioctl_preallocate+0x1a8/0x220 [ 72.743136][ C1] ? __pfx_ioctl_preallocate+0x10/0x10 [ 72.745065][ C1] ? __pfx_tomoyo_path_number_perm+0x10/0x10 [ 72.747250][ C1] do_vfs_ioctl+0x16a0/0x1a90 [ 72.748901][ C1] ? __pfx_do_vfs_ioctl+0x10/0x10 [ 72.750727][ C1] ? __pfx_do_futex+0x10/0x10 [ 72.752631][ C1] ? __fget_files+0x256/0x400 [ 72.754640][ C1] ? bpf_lsm_file_ioctl_compat+0x9/0x10 [ 72.756990][ C1] __do_compat_sys_ioctl+0x149/0x330 [ 72.759202][ C1] __do_fast_syscall_32+0x73/0x120 [ 72.761365][ C1] do_fast_syscall_32+0x32/0x80 [ 72.763279][ C1] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 72.765925][ C1] RIP: 0023:0xf7f93579 [ 72.767467][ C1] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 72.775645][ C1] RSP: 002b:00000000f5d2557c EFLAGS: 00000292 ORIG_RAX: 0000000000000036 [ 72.779277][ C1] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 000000004030582a [ 72.782790][ C1] RDX: 0000000020000240 RSI: 0000000000000000 RDI: 0000000000000000 [ 72.786130][ C1] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 72.789402][ C1] R10: 0000000000000000 R11: 0000000000000292 R12: 0000000000000000 [ 72.792584][ C1] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 72.795873][ C1] [ 72.797450][ T59] misc userio: Buffer overflowed, userio client isn't keeping up [ 73.875757][ T59] input: PS/2 Generic Mouse as /devices/serio3/input/input7 [ 74.094488][ T59] psmouse serio3: Failed to enable mouse on [ 76.409916][ T1355] ieee802154 phy0 wpan0: encryption failed: -22 [ 76.412821][ T1355] ieee802154 phy1 wpan1: encryption failed: -22 [ 81.531408][ T968] cfg80211: failed to load regulatory.db VM DIAGNOSIS: 05:22:28 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000001 RBX=ffff88802c144a40 RCX=ffffffff818269fb RDX=0000000000040000 RSI=0000000000000001 RDI=0000000000000000 RBP=0000000000000003 RSP=ffffc900063af240 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000007 R12=ffffed1005828949 R13=0000000000000001 R14=ffff88802c144a48 R15=ffff88802c03fe80 RIP=ffffffff818e9188 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c000000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000001d0fc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000030 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff84facab5 RDI=ffffffff94d8ef80 RBP=ffffffff94d8ef40 RSP=ffffc90000598470 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=732d302e30312e36 R12=0000000000000000 R13=0000000000000030 R14=ffffffff84faca50 R15=0000000000000000 RIP=ffffffff84facadf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c100000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000001d0fc000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000a60ce07b 00000000cec3662e ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 1812cb94e0119aab ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 333bebdfd0a6a21d ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000003 RCX=1ffffffff1fc8887 RDX=ffff88801aef8000 RSI=ffffffff813c14f4 RDI=ffffffff813c14e1 RBP=ffff888026b9c000 RSP=ffffc90001106ce8 R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff8fe4115f R11=ffff88802c228a40 R12=0000000000000003 R13=0000000000000003 R14=ffff88802c23fb40 R15=ffffed1004d73800 RIP=ffffffff813c14f6 RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802c200000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=0000000021da6000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000001a4 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 6b20657479622d32 3320646e61707865 ZMM17=6093e527432f176f 129038cc581c5b7d 6093e527432f176f 129038cc581c5b7d 6093e527432f176f 129038cc581c5b7d 6093e527432f176f 129038cc581c5b7d ZMM18=630a587bbfa9340a e730e56f3ac6bb9e 630a587bbfa9340a e730e56f3ac6bb9e 630a587bbfa9340a e730e56f3ac6bb9e 630a587bbfa9340a e730e56f3ac6bb9e ZMM19=8402000000000000 0000000000000010 8402000000000000 000000000000000f 8402000000000000 000000000000000e 8402000000000000 000000000000000d ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=129038cc129038cc 129038cc129038cc 129038cc129038cc 129038cc129038cc 129038cc129038cc 129038cc129038cc 129038cc129038cc 129038cc129038cc ZMM22=432f176f432f176f 432f176f432f176f 432f176f432f176f 432f176f432f176f 432f176f432f176f 432f176f432f176f 432f176f432f176f 432f176f432f176f ZMM23=6093e5276093e527 6093e5276093e527 6093e5276093e527 6093e5276093e527 6093e5276093e527 6093e5276093e527 6093e5276093e527 6093e5276093e527 ZMM24=3ac6bb9e3ac6bb9e 3ac6bb9e3ac6bb9e 3ac6bb9e3ac6bb9e 3ac6bb9e3ac6bb9e 3ac6bb9e3ac6bb9e 3ac6bb9e3ac6bb9e 3ac6bb9e3ac6bb9e 3ac6bb9e3ac6bb9e ZMM25=e730e56fe730e56f e730e56fe730e56f e730e56fe730e56f e730e56fe730e56f e730e56fe730e56f e730e56fe730e56f e730e56fe730e56f e730e56fe730e56f ZMM26=bfa9340abfa9340a bfa9340abfa9340a bfa9340abfa9340a bfa9340abfa9340a bfa9340abfa9340a bfa9340abfa9340a bfa9340abfa9340a bfa9340abfa9340a ZMM27=630a587b630a587b 630a587b630a587b 630a587b630a587b 630a587b630a587b 630a587b630a587b 630a587b630a587b 630a587b630a587b 630a587b630a587b ZMM28=000000100000000f 0000000e0000000d 0000000c0000000b 0000000a00000009 0000000800000007 0000000600000005 0000000400000003 0000000200000001 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=8402000084020000 8402000084020000 8402000084020000 8402000084020000 8402000084020000 8402000084020000 8402000084020000 8402000084020000 info registers vcpu 3 CPU#3 RAX=0000000000000001 RBX=ffff88802c146440 RCX=ffffffff818269fb RDX=ffff888020512440 RSI=0000000000000000 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc90006ef77c0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000002 R12=ffffed1005828c89 R13=0000000000000001 R14=ffff88802c146448 R15=ffff88802c33fe80 RIP=ffffffff818e8fd1 RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802c300000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000000000000 CR3=000000002823a000 CR4=00350ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000