last executing test programs: 3.524420841s ago: executing program 3 (id=468): syz_emit_ethernet(0x46, &(0x7f0000000300)={@local, @empty, @void, {@ipv6={0x86dd, @dccp_packet={0x7, 0x6, "75f5d4", 0x10, 0x21, 0xff, @private1={0xfc, 0x1, '\x00', 0x1}, @local, {[], {{0x4e21, 0x4e23, 0x4, 0x1, 0xc, 0x0, 0x0, 0x4, 0x7, "428b40", 0x8, "64a04f"}}}}}}}, 0x0) setsockopt$packet_fanout(0xffffffffffffffff, 0x107, 0x12, 0x0, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) r1 = socket(0x10, 0x803, 0x0) sendmsg$NL80211_CMD_CRIT_PROTOCOL_START(r1, &(0x7f0000000580)={0x0, 0x0, &(0x7f0000000540)={0x0, 0x1c}}, 0x0) getsockname$packet(r1, &(0x7f0000000600)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000640)=ANY=[@ANYBLOB="3c0000001000850600000000ff6122314a000800", @ANYRES32=r2, @ANYBLOB="f5ff0f00252155b21c0012000c000100626f6e64000000000c0002000800010001"], 0x3c}}, 0x40000) sendmsg$nl_route(r1, &(0x7f0000000280)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f00000001c0)=@newlink={0x50, 0x10, 0x503, 0x0, 0x700, {}, [@IFLA_LINKINFO={0x28, 0x12, 0x0, 0x1, @ip6gre={{0xb}, {0x18, 0x2, 0x0, 0x1, [@IFLA_GRE_REMOTE={0x14, 0x7, @local}]}}}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x50}, 0x1, 0x0, 0x0, 0x800}, 0xc0b0) r3 = socket$nl_route(0x10, 0x3, 0x0) r4 = socket(0x10, 0x803, 0x4) sendmsg$nl_route(r4, &(0x7f0000000300)={0x0, 0x0, &(0x7f00000002c0)={0x0, 0x1c}, 0x1, 0x0, 0x0, 0x20088814}, 0x0) getsockname$packet(r4, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000080)=0x14) sendmsg$nl_route_sched(r3, &(0x7f0000000280)={0x0, 0x7400, &(0x7f00000001c0)={&(0x7f0000000200)=@delchain={0x24, 0x11, 0x1, 0x1f, 0x0, {0x0, 0x0, 0x0, r5}}, 0x24}}, 0x0) 3.056155008s ago: executing program 1 (id=470): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) socket$nl_route(0x10, 0x3, 0x0) setitimer(0x2, &(0x7f0000000a40)={{}, {0x0, 0xea60}}, &(0x7f0000000a80)) 2.355053634s ago: executing program 3 (id=472): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000140)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(blowfish)\x00'}, 0x58) r1 = accept4(r0, 0x0, 0x0, 0x0) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000400)="3f4e55f1", 0x4) sendto$unix(r1, &(0x7f0000000080), 0xffffff9d, 0x0, 0x0, 0x0) getpid() prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) dup(0xffffffffffffffff) r2 = syz_io_uring_setup(0x497, &(0x7f0000000200)={0x0, 0x7079, 0x0, 0x4, 0x288}, &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r3, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r3, r4, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x0, @fd_index=0x4, 0x0, 0x0}) io_uring_enter(r2, 0x3516, 0x0, 0x0, 0x0, 0x0) 2.148900632s ago: executing program 1 (id=477): sched_setaffinity(0x0, 0x0, 0x0) mkdir(0x0, 0x0) r0 = socket$nl_rdma(0x10, 0x3, 0x14) r1 = socket$inet6_dccp(0xa, 0x6, 0x0) bind$inet6(r1, &(0x7f0000000100)={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x10}, 0x4}, 0x1c) connect$inet6(r1, &(0x7f0000000040)={0xa, 0x4e21, 0x0, @ipv4={'\x00', '\xff\xff', @dev={0xac, 0x14, 0x14, 0x37}}}, 0x1c) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r0, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=ANY=[@ANYBLOB="38000000031401002abd7000fedbdf250900020073017a31000000000800410072786500140033006c6f"], 0x38}, 0x1, 0x0, 0x0, 0x44}, 0x810) socket$nl_rdma(0x10, 0x3, 0x14) r2 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r2, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000200)={0x114, 0x32, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x1, 0x0, 0x0, @u64}, @typed={0x14, 0x3, 0x0, 0x0, @ipv6=@rand_addr=' \x01\x00'}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe8101000000010000008b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0) sendmsg$RDMA_NLDEV_CMD_NEWLINK(r2, &(0x7f0000000240)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000080)={0x38, 0x1403, 0x1, 0x70bd2c, 0x25dfdbfc, "", [{{0x9, 0x2, 'syz0\x00'}, {0x8, 0x41, 'siw\x00'}, {0x14, 0x33, 'lo\x00'}}]}, 0xfffffffffffffe4d}, 0x1, 0x0, 0x0, 0x4}, 0x40810) r3 = socket$l2tp6(0xa, 0x2, 0x73) ioctl$sock_ifreq(r3, 0x8923, &(0x7f0000000040)={'lo\x00', @ifru_hwaddr=@multicast}) 2.147933638s ago: executing program 0 (id=478): socket$inet6(0xa, 0x3, 0x87) r0 = socket$igmp(0x2, 0x3, 0x2) ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = syz_open_procfs(0x0, &(0x7f0000000100)='net/udplite6\x00') close_range(r1, 0xffffffffffffffff, 0x0) r2 = socket$inet6_sctp(0xa, 0x1, 0x84) mkdirat(0xffffffffffffff9c, &(0x7f0000000380)='./file0\x00', 0x10) r3 = syz_io_uring_setup(0x10d, &(0x7f0000000140), &(0x7f0000000340)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r4, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r4, r5, &(0x7f00000002c0)=@IORING_OP_OPENAT={0x12, 0x0, 0x0, 0xffffffffffffff9c, 0x0, &(0x7f0000000480)='./file0\x00', 0x0, 0x69c780}) io_uring_enter(r3, 0x3516, 0x4, 0x0, 0x0, 0x0) close(0x3) fcntl$dupfd(r2, 0x0, r0) 2.036176028s ago: executing program 0 (id=479): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) close_range(0xffffffffffffffff, 0xffffffffffffffff, 0x2) r3 = add_key$fscrypt_v1(&(0x7f0000000040), &(0x7f0000000080)={'fscrypt:', @desc2}, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x52ba, 0xffffffffffffffff) keyctl$KEYCTL_MOVE(0x4, r3, r3, 0x0, 0x0) request_key(&(0x7f00000000c0)='syzkaller\x00', 0x0, 0x0, r3) 1.806104864s ago: executing program 1 (id=480): r0 = socket(0x10, 0x3, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="180000000000000000000000ff010000850000000e000000850000005000000095"], &(0x7f0000000100)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000040)='kmem_cache_free\x00', r1}, 0x9) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000001300)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x1, 0x8, &(0x7f0000000f40)=ANY=[@ANYBLOB="7a0af8ff75250000bfa100000000000007010000f8ffffffb702000005000000bf130000000000008500000005000000b700000000000000950000ff00000000b2595285faa6ead0169191d54f8196217fc5605fbbf6e1671d5ace8c142451f13dbae2fc91f6da4dad4fdc2eb1b5986fc4a3f611a7c8edd3aa5d6ee7ab10b1a297cf52866651064d08dde084e0c7ffddd73f30f2382f6cda4bfdd45be583823c0f09621f3c1c65ee19ee875daf45006a4c4ea5e13b2f9614d547244a22000000000000db453620ce72d75946c0b638d9b12cd48a1b20fb7dd843267e0331759f4ec6b5b0af58e604f4942eb613eff289026d5045ef4a96279856076ff7ac9ba09f4886afc26abba34635d0e8b598a51bc742135a6e1d33fe226c944bc76be40d435aa8b5208ff0df2db761014b1b999a12df6bee431a668135b8214afa5827b56a8074bf1e6cf5d84b35a3a3a4c66824fe12dbe20fcf50a194185b9e2d8b815fedb0d982936156be22dda66fb977aef7c9cb92428ef25d9bf665bd60024c09e9eed5441218c54d0b3e9f298392b3276fabe4cb21ee6760b8ab4406f5cad6227c94fea467aea7fa8b58abc37056433edf43fba5566a3e022034ac81fd48f9b7314ffa730017fbd37fdb23bc26992529402a520ef67e246415a6a8ca9d4aa797a95ca3314d7bb31ad9713d249499ed0d8a24abd57e052888a9141ab4e6c6b939aaefc248791464970c43120211b9bc82a85cd2fc18f535c7986c2d52ba62f74f009900eaffffffffffffff0000000000c9b46ff99a039eda74f74fe532dcfcd2c315b626fd768dbdf00fd532575767a7bca3968f50c20cfcaf91ab14b77f87e476bcf45fff904531adea62a517702743bf3492c8952c8e1fc37674de47d5881750516404c647fe02085b1a9603227411b17b6c7bc84fdfa0cfce589550df8faeeae5ca5024b374da260be559a741d22370373392ed74a7d1aff96a5b59775237f50c6bd8e0c4a7666be5962cd0931845e6d9a03a48fe85d370d9b6b755a2f66989da880c899d4d1c6757be6baffdce49b8c81f43d933549289dd475e39f399f6822a111ed8142b5dd2c01a15c949d86bd93b58"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000000c0)=r4, 0x4) sendmsg$inet(r3, &(0x7f0000000640)={0x0, 0x7000000, 0x0}, 0x0) r5 = gettid() timer_create(0x7, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r5}, &(0x7f0000bbdffc)) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) write(r0, &(0x7f0000000140)="2600000022004701050000070000000000000020002b1f000a4a51f1ee839cd53400b017ca5b", 0x26) setsockopt$sock_int(r0, 0x1, 0x8, &(0x7f0000b4bffc), 0x4) mq_notify(0xffffffffffffffff, &(0x7f0000000000)={0x20000000, 0x4000000000003, 0x2, @thr={0x0, 0x0}}) 1.481677854s ago: executing program 3 (id=481): r0 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="1b0000000000000000000000000004"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000b00)={0x11, 0xf, &(0x7f0000000340)=ANY=[@ANYBLOB, @ANYRES32=r0, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bf0900000000000055090100000000009500000800000000bf91000000000000b702000043e7b5538500000085000000b70000000000000095"], &(0x7f0000000080)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r1, 0x107, 0xf, &(0x7f0000006ffc)=0x4000000000000200, 0xe50fb6c50bc849c9) r2 = socket$nl_route(0x10, 0x3, 0x0) r3 = socket(0x10, 0x803, 0x0) sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={0x0, 0x0, &(0x7f00000003c0)={0x0, 0x24}}, 0x0) getsockname$packet(r3, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f0000000180)=0x14) sendmsg$nl_route(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)=ANY=[@ANYBLOB="3c0000001000010400eeffffffff00f687000000", @ANYRES32=r4, @ANYBLOB="01000000010000001c0012000c000100627269646765"], 0x3c}}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000080)={0x0, 0x0, &(0x7f00000002c0)={&(0x7f0000000940)=@newqdisc={0x78, 0x24, 0xe0b, 0x0, 0x0, {0x0, 0x0, 0x0, r4, {}, {0xffff, 0xffff}, {0xffe0}}, [@qdisc_kind_options=@q_tbf={{0x8}, {0x4c, 0x2, [@TCA_TBF_RATE64={0xc, 0x4, 0x4e1e2563543d84f9}, @TCA_TBF_PBURST={0x8, 0x7, 0x1fc0}, @TCA_TBF_PARMS={0x28, 0x1, {{0x0, 0x0, 0x0, 0xffff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, 0x1000000, 0x81}}, @TCA_TBF_PRATE64={0xc, 0x5, 0xcb59372f370e8465}]}}]}, 0x78}}, 0x4000080) bind$packet(r1, &(0x7f0000000040)={0x11, 0x0, r4, 0x1, 0x0, 0x6, @remote}, 0x14) sendto$inet6(r1, &(0x7f0000000800)="4103082c1116480401020200c52cf7c25975e005b02f000006892f000300897c6b118777faffffff3066090cb600c5471d130a66321a54e7df305fbe258161b6fd8f2428652265d94c6fdbaefc57376a57c2feffff188be9427c323ef024a37016d2a7f9ab6e7941a6fc4f95aa73c1dfff4941f6503b5bd8c91db22cd33795481c94085fa12cdc679ac2a5d7b5d99b93fb07acb0da680e78b74c74aae8d7690d5986a9af81622a0ac210bc7b5ca5fed11cb54d046642670041e846bb184ff5d39fe8516d2d2a8d84e6e7dfcb2b8a8023444db513a3d7a124b59f0a5cd36489dbbb75cce3145d0ea3c3aa21af7cbcbc7a7575db782e757ca543109f5ddcec4930aa91f4119ea3d1f56140cb86cfe0724b23904ef5d05c725ee23918a502b1afe09fb0757d", 0xfc13, 0x880, 0x0, 0xfffffffffffffef0) 1.42286964s ago: executing program 3 (id=482): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = userfaultfd(0x801) ioctl$UFFDIO_API(r2, 0xc018aa3f, &(0x7f0000000140)={0xaa, 0x298}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d2f2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x0, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_PIT2(r1, 0x4040ae77, &(0x7f0000000040)) r3 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_PIT(r1, 0x8048ae66, &(0x7f0000000080)={[{0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}, {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff}]}) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r3, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x2004cb, 0x200000000000, 0x0, 0x0, 0xfffffffffffffffd], 0x0, 0x200}) socketpair$unix(0x1, 0x0, 0x0, 0x0) ioctl$KVM_RUN(r3, 0xae80, 0x0) 1.375366166s ago: executing program 3 (id=483): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x48) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r0, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r0, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r2, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000180)=@newlink={0x40, 0x10, 0x403, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x14, 0x12, 0x0, 0x1, @bridge={{0xb}, {0x4}}}, @IFLA_ADDRESS={0xa, 0x1, @dev}]}, 0x40}}, 0x0) 1.235119407s ago: executing program 2 (id=486): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0xd, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) ioctl$sock_ipv4_tunnel_SIOCCHGTUNNEL(0xffffffffffffffff, 0x89f3, &(0x7f0000000000)={'sit0\x00', &(0x7f00000002c0)={'syztnl1\x00', 0x0, 0x0, 0x0, 0x0, 0x0, {{0x5, 0x4, 0x0, 0x0, 0x14, 0x0, 0x0, 0x0, 0x0, 0x0, @broadcast, @remote}}}}) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) sendmsg$ETHTOOL_MSG_COALESCE_GET(0xffffffffffffffff, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000000c0)={0x0, 0x90}, 0x1, 0x0, 0x0, 0x84}, 0x24040900) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x10000000, 0xfffffffffffffffe, 0x100, 0x0, 0x0, 0x5]}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x2, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x7, 0xffffffffffffffff, 0x3], 0x0, 0x41901}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 1.115753695s ago: executing program 0 (id=487): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18020000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b703000000000020850000007000000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(0x0, 0x2, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r3, &(0x7f0000000300)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000400)=ANY=[@ANYBLOB="8c0000000001010400000000ffffff8802000000240001801400018008000100ac1414bb08000200ac1414bb0c00028005000100000000002400028014000180080001000000004008000200ac1414bb0c0002800500010000000000080007400000000028000680080002007f00000108000100"], 0x8c}, 0x1, 0x600000000000000, 0x0, 0x40}, 0x0) 1.078530408s ago: executing program 2 (id=488): r0 = socket$can_raw(0x1d, 0x3, 0x1) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) ptrace(0x10, r1) ptrace$getregset(0x4204, r1, 0x202, &(0x7f0000000400)={&(0x7f00000005c0)=""/24, 0x18}) ioctl$AUTOFS_DEV_IOCTL_FAIL(0xffffffffffffffff, 0xc0189377, &(0x7f0000000440)={{0x1, 0x1, 0x18, r0, {0x2, 0x56}}, './file0\x00'}) sendmsg$nl_route(r2, &(0x7f0000000580)={&(0x7f0000000480), 0xc, &(0x7f0000000540)={&(0x7f00000004c0)=@can_delroute={0x74, 0x19, 0x2, 0x70bd26, 0x25dfdbfe, {0x1d, 0x1, 0x7}, [@CGW_MOD_AND={0x15, 0x1, {{{0x4, 0x1, 0x0, 0x1}, 0x2, 0x2, 0x0, 0x0, "4db7a6657a268ed7"}, 0x2}}, @CGW_MOD_OR={0x15, 0x2, {{{0x3, 0x1, 0x1, 0x1}, 0x4, 0x2, 0x0, 0x0, "63a21c981a20c854"}, 0x2}}, @CGW_MOD_XOR={0x15, 0x3, {{{0x3, 0x0, 0x1, 0x1}, 0x3, 0x1, 0x0, 0x0, "cf00bb671bba920c"}, 0x1}}, @CGW_MOD_SET={0x15, 0x4, {{{0x3, 0x1, 0x1}, 0x2, 0x3, 0x0, 0x0, "9c94f0ee2e166b6c"}}}]}, 0x74}}, 0x1) bind$can_raw(r0, &(0x7f0000000000), 0x10) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, 0x0, 0x0) setsockopt$CAN_RAW_FILTER(r0, 0x65, 0x1, &(0x7f0000000100)=[{{0x0, 0x0, 0x0, 0x1}, {0x0, 0x0, 0x0, 0x1}}], 0x8) r3 = socket$nl_generic(0x10, 0x3, 0x10) recvmsg(r3, &(0x7f0000000380)={&(0x7f0000000040)=@pppol2tpv3in6={0x18, 0x1, {0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, {0xa, 0x0, 0x0, @mcast1}}}, 0x80, &(0x7f0000000340)=[{&(0x7f00000000c0)=""/255, 0xff}, {&(0x7f00000001c0)=""/15, 0xf}, {&(0x7f0000000200)=""/67, 0x43}, {&(0x7f0000000280)=""/130, 0x82}], 0x4}, 0x40000021) r4 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_IRQP_READ(r4, 0x8008700b, 0x0) 995.707367ms ago: executing program 2 (id=489): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') creat(&(0x7f0000000400)='./bus\x00', 0x0) lsetxattr$security_ima(&(0x7f00000002c0)='./bus\x00', &(0x7f0000000180), &(0x7f00000001c0)=@v2={0x3, 0x2, 0xc, 0x0, 0x2, "e727"}, 0xb, 0x0) open(&(0x7f0000000100)='./bus\x00', 0x0, 0x0) socket$tipc(0x1e, 0x5, 0x0) r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r0, &(0x7f00000002c0)={0x0, 0x0, &(0x7f0000000280)={&(0x7f00000001c0)=@newtaction={0x6c, 0x30, 0x1af, 0x1000, 0x0, {}, [{0x58, 0x1, [@m_nat={0x54, 0x1, 0x0, 0x0, {{0x8}, {0x2c, 0x2, 0x0, 0x1, [@TCA_NAT_PARMS={0x28, 0x1, {{0x9, 0xfc000000, 0x7, 0x4, 0xfffffffd}, @multicast1, @broadcast, 0xffffffff}}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0x6c}}, 0x0) r1 = socket$netlink(0x10, 0x3, 0x0) sendmmsg(r1, &(0x7f00000002c0), 0x40000000000009f, 0x0) 989.5608ms ago: executing program 1 (id=490): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) sendmsg$NFT_MSG_GETRULE(0xffffffffffffffff, &(0x7f0000000280)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400000}, 0xc, &(0x7f0000000240)={&(0x7f0000000100)={0x1c, 0x7, 0xa, 0x101, 0x0, 0x0, {0x2, 0x0, 0x8}, [@NFTA_RULE_ID={0x8, 0x9, 0x1, 0x0, 0x2}]}, 0x1c}, 0x1, 0x0, 0x0, 0x20004800}, 0x48000) ioctl$UFFDIO_REGISTER(0xffffffffffffffff, 0xc020aa00, &(0x7f0000000040)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}, 0x1}) openat$kvm(0xffffffffffffff9c, &(0x7f0000000200), 0x0, 0x0) openat$kvm(0xffffffffffffff9c, &(0x7f00000000c0), 0x100, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000380)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) openat$btrfs_control(0xffffffffffffff9c, &(0x7f0000000140), 0x400, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 948.754451ms ago: executing program 2 (id=491): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sched_switch\x00'}, 0x10) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) sched_setaffinity(0x0, 0xfffffef7, &(0x7f0000000740)=0x410000002) syz_io_uring_setup(0x10d, 0x0, &(0x7f0000000340), &(0x7f0000000280)) madvise(&(0x7f0000000000/0xc00000)=nil, 0xc00304, 0x15) syslog(0x4, &(0x7f00000001c0)=""/72, 0x48) syslog(0x3, &(0x7f0000000500)=""/218, 0xda) 867.182218ms ago: executing program 1 (id=492): r0 = socket$inet6(0xa, 0x3, 0xff) r1 = add_key$user(&(0x7f00000003c0), &(0x7f0000000440), &(0x7f00000000c0), 0x5ba8, 0xfffffffffffffffd) keyctl$read(0xb, r1, &(0x7f0000000640)=""/30, 0x1001) connect$inet6(r0, &(0x7f0000000200)={0xa, 0x0, 0x0, @empty}, 0x1c) setsockopt$sock_int(r0, 0x1, 0x29, &(0x7f0000000540)=0x10001, 0x4) setsockopt$SO_TIMESTAMPING(r0, 0x1, 0x25, &(0x7f0000000000)=0x24d2, 0x4) write(r0, &(0x7f0000000180)="b1f6a4e6086771339298ff93c614cda94476d7b36598b8cb08591ffc2467faa14eba6144e8129396", 0x28) recvmmsg(r0, &(0x7f0000000400)=[{{0x0, 0x0, 0x0}}], 0x1, 0x2000, 0x0) r2 = socket$inet6(0xa, 0x80002, 0x88) r3 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018010000", @ANYRES32, @ANYBLOB="0000000000000000b70800000000396f7b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000002400000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000040)='kmem_cache_free\x00', r3}, 0x10) syz_emit_ethernet(0x83, &(0x7f0000000040)=ANY=[@ANYBLOB="aaaaaaaaaaaaaaaa79ff030486dd601b8b97004d88c19e9ace00000000000000002100000002ff02000000000000000000000000000104004e200008b0"], 0x0) recvmmsg(r2, &(0x7f0000000540)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0, 0x0) 386.213312ms ago: executing program 3 (id=493): r0 = open(&(0x7f0000000300)='./bus\x00', 0x169042, 0x70) ftruncate(r0, 0x88801) r1 = socket$inet6(0xa, 0x1, 0x0) r2 = dup(r1) bind$inet6(r1, &(0x7f0000000180)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) sendto$inet6(r1, 0x0, 0x0, 0x20040008, &(0x7f00008d4fe4)={0xa, 0x4e20, 0x0, @loopback}, 0x1c) setsockopt$SO_BINDTODEVICE(r2, 0x1, 0x19, &(0x7f0000000080)='sit0\x00', 0x10) sendmsg$ETHTOOL_MSG_PAUSE_GET(r0, 0x0, 0x48001) r3 = socket$igmp6(0xa, 0x3, 0x2) setsockopt$IP6T_SO_SET_REPLACE(r3, 0x29, 0x40, &(0x7f0000000b00)=@raw={'raw\x00', 0x8, 0x3, 0x428, 0xd0, 0xffffffff, 0xffffffff, 0x0, 0xffffffff, 0x358, 0xffffffff, 0xffffffff, 0x358, 0xffffffff, 0x3, 0x0, {[{{@ipv6={@private0, @mcast2, [], [], 'veth0_macvtap\x00', 'dvmrp1\x00'}, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE0={0x28}}, {{@ipv6={@remote, @ipv4={'\x00', '\xff\xff', @dev}, [], [], 'wg1\x00', 'gre0\x00'}, 0x0, 0x258, 0x288, 0x0, {}, [@common=@inet=@hashlimit1={{0x58}, {'pim6reg\x00', {0x0, 0x0, 0x5, 0x0, 0x0, 0x7, 0x3ff}}}, @common=@inet=@hashlimit3={{0x158}, {'wg1\x00', {0x3, 0x0, 0x41, 0x0, 0x0, 0x1000, 0x6, 0x3}}}]}, @common=@unspec=@CONNMARK={0x30}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28, '\x00', 0x7}}}}, 0x488) syz_emit_ethernet(0x5e, &(0x7f00000000c0)=ANY=[], 0x0) r4 = open(&(0x7f0000000000)='./bus\x00', 0x0, 0x0) sendfile(r2, r4, 0x0, 0x8000fbffc001) 230.558523ms ago: executing program 0 (id=494): r0 = openat$sr(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000003c0)=0x800, 0x4) openat$binder_debug(0xffffffffffffff9c, 0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) sendmsg$inet(r0, &(0x7f0000000140)={&(0x7f0000000040)={0x2, 0x4e24, @dev={0xac, 0x14, 0x14, 0x2b}}, 0x10, &(0x7f00000000c0)=[{0x0}], 0x1, &(0x7f0000000580)=ANY=[], 0xcc}, 0x0) shutdown(0xffffffffffffffff, 0x2) socket$inet_udplite(0x2, 0x2, 0x88) r2 = syz_init_net_socket$802154_raw(0x24, 0x3, 0x0) sendmmsg$inet(r2, 0x0, 0x0, 0x0) close_range(r0, 0xffffffffffffffff, 0x0) 136.059578ms ago: executing program 0 (id=495): ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) sendmsg$IPCTNL_MSG_TIMEOUT_DEFAULT_SET(0xffffffffffffffff, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000500)={0x0, 0x40}}, 0x800) r0 = socket(0x10, 0x3, 0x0) syz_init_net_socket$ax25(0x3, 0x3, 0x0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x211000, 0x1000}, 0x20) setsockopt$XDP_RX_RING(r1, 0x11b, 0x2, &(0x7f0000000040)=0x20, 0x4) socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000001c0)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000300)={'ipvlan1\x00', 0x0}) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r1, &(0x7f0000000100)={0x2c, 0x0, r3}, 0x10) write(r0, &(0x7f0000000000)="2400000011005f0414f9f40700090400810000003c0000000000000008000f0001000000", 0x24) 21.568508ms ago: executing program 2 (id=496): setsockopt$MRT_ADD_VIF(0xffffffffffffffff, 0x0, 0xca, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x15, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x7ff, @void, @value}, 0x94) setsockopt$sock_int(0xffffffffffffffff, 0x1, 0x2e, &(0x7f0000000040)=0xffff, 0x4) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, 0x0) r0 = socket$inet_icmp_raw(0x2, 0x3, 0x1) setsockopt$inet_mreqsrc(r0, 0x0, 0x27, &(0x7f0000000000)={@multicast1=0xe000bb00, @remote, @private=0xa010100}, 0xc) r1 = socket$inet(0x2, 0x2, 0x0) setsockopt$inet_mreqn(r1, 0x0, 0x23, &(0x7f0000000740)={@multicast2, @loopback}, 0x40) r2 = socket$netlink(0x10, 0x3, 0x0) writev(r2, &(0x7f0000000780)=[{&(0x7f0000000380)="390000001300034700bb65e1c3e4ffff010000000100000056000000250000001900040004e0144000000007fd17e5ffff0800040000000000", 0x39}], 0x1) r3 = socket$pppl2tp(0x18, 0x1, 0x1) ioctl$SIOCSIFMTU(r3, 0x8922, &(0x7f0000000180)={'lo\x00'}) 17.309379ms ago: executing program 0 (id=497): r0 = creat(&(0x7f0000000280)='./file0\x00', 0x0) close(r0) r1 = socket$xdp(0x2c, 0x3, 0x0) setsockopt$XDP_TX_RING(r1, 0x11b, 0x3, &(0x7f00000001c0)=0x20000, 0x4) setsockopt$XDP_UMEM_REG(r1, 0x11b, 0x4, &(0x7f00000000c0)={&(0x7f0000000000)=""/5, 0x200000, 0x1000}, 0x20) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000000)={'lo\x00', 0x0}) setsockopt$XDP_UMEM_COMPLETION_RING(r1, 0x11b, 0x6, &(0x7f0000000180)=0x20, 0x4) setsockopt$XDP_UMEM_FILL_RING(r1, 0x11b, 0x5, &(0x7f0000000140)=0x4000, 0x4) bind$xdp(r1, &(0x7f00000002c0)={0x2c, 0x0, r3}, 0x10) r4 = socket(0x18, 0x0, 0x2) mount$9p_fd(0x0, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200), 0x0, &(0x7f0000000340)=ANY=[@ANYBLOB='trans=fd,rfdno=', @ANYRESHEX=r0, @ANYBLOB=',wfdno=', @ANYRESHEX=r4]) syz_genetlink_get_family_id$devlink(&(0x7f0000000480), r0) 14.551865ms ago: executing program 1 (id=498): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x1c1341, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f00000000c0)={'syzkaller0\x00', 0x84aebfbd6349b7f2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000a40), 0x0, 0x0) close(r1) socketpair$unix(0x1, 0x1, 0x0, &(0x7f0000000140)) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r2) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000080), 0x0, 0x0) close(r3) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000000)) ioctl$SIOCSIFHWADDR(r3, 0x8943, &(0x7f0000000100)={'syzkaller0\x00'}) ioctl$SIOCSIFHWADDR(r2, 0x8943, &(0x7f0000002280)={'syzkaller0\x00', @random="110000000002"}) 0s ago: executing program 2 (id=499): mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r0 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) r1 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) mkdirat(r2, &(0x7f0000000200)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', 0x0) renameat2(r2, &(0x7f0000000100)='\x13\x13w\xc5\xfc5\xd4\x14T\xd5\xd4\x1d)\xad\x1a`)Y\x81F\xe6\xbe\x16nA\xad\r\xbd@T\x03<\x9f3\xbb\xda\x82$\xa2\xf3\xd7r\xe7cnH\xb3<\xbfp\x83r\xe8\xf1\xb9\x93>\xc5\x12wC\xbe\"\x06 \x9e\xf0-\xf9\xcb\xf2\xf6\xe8\x80\xd38/\x00', r1, &(0x7f0000000180)='./file1\x00', 0x0) mknodat$loop(r0, &(0x7f0000001600)='./file1\x00', 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') linkat(r0, &(0x7f0000000100)='./file1\x00', r0, &(0x7f0000000240)='./file0\x00', 0x0) unlink(&(0x7f0000000280)='./file1\x00') kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:52661' (ED25519) to the list of known hosts. [ 40.776595][ T5931] cgroup: Unknown subsys name 'net' [ 40.965217][ T5931] cgroup: Unknown subsys name 'cpuset' [ 40.970139][ T5931] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 41.755653][ T5931] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 44.296124][ T5952] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 44.298811][ T5952] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 44.302185][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 44.304064][ T5953] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 44.304444][ T5952] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 44.307061][ T5953] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 44.308689][ T5952] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 44.310488][ T5953] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 44.312882][ T5952] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 44.314506][ T5957] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 44.315344][ T5953] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 44.315667][ T5953] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 44.315872][ T5953] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 44.316033][ T5953] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 44.316512][ T5952] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 44.321606][ T5949] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 44.322469][ T5952] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 44.324856][ T5949] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 44.327670][ T5959] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 44.331910][ T5297] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 44.332623][ T5959] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 44.334791][ T5297] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 44.336344][ T5959] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 44.338294][ T5297] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 44.456806][ T5944] chnl_net:caif_netlink_parms(): no params data found [ 44.475762][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 44.602438][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 44.614608][ T5944] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.616789][ T5944] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.618993][ T5944] bridge_slave_0: entered allmulticast mode [ 44.621435][ T5944] bridge_slave_0: entered promiscuous mode [ 44.626433][ T5944] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.628756][ T5944] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.631252][ T5944] bridge_slave_1: entered allmulticast mode [ 44.633838][ T5944] bridge_slave_1: entered promiscuous mode [ 44.655203][ T5954] chnl_net:caif_netlink_parms(): no params data found [ 44.678579][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.680684][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.683011][ T5942] bridge_slave_0: entered allmulticast mode [ 44.685318][ T5942] bridge_slave_0: entered promiscuous mode [ 44.688253][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.691143][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.693881][ T5942] bridge_slave_1: entered allmulticast mode [ 44.695987][ T5942] bridge_slave_1: entered promiscuous mode [ 44.735012][ T5944] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.759863][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.773874][ T5944] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.779848][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.833259][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.835359][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.837475][ T5945] bridge_slave_0: entered allmulticast mode [ 44.839687][ T5945] bridge_slave_0: entered promiscuous mode [ 44.842858][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.844941][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.847020][ T5945] bridge_slave_1: entered allmulticast mode [ 44.849143][ T5945] bridge_slave_1: entered promiscuous mode [ 44.854663][ T5944] team0: Port device team_slave_0 added [ 44.866188][ T5942] team0: Port device team_slave_0 added [ 44.886240][ T5944] team0: Port device team_slave_1 added [ 44.896668][ T5954] bridge0: port 1(bridge_slave_0) entered blocking state [ 44.898776][ T5954] bridge0: port 1(bridge_slave_0) entered disabled state [ 44.900827][ T5954] bridge_slave_0: entered allmulticast mode [ 44.903792][ T5954] bridge_slave_0: entered promiscuous mode [ 44.907822][ T5942] team0: Port device team_slave_1 added [ 44.911993][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 44.929746][ T5954] bridge0: port 2(bridge_slave_1) entered blocking state [ 44.932215][ T5954] bridge0: port 2(bridge_slave_1) entered disabled state [ 44.934348][ T5954] bridge_slave_1: entered allmulticast mode [ 44.936580][ T5954] bridge_slave_1: entered promiscuous mode [ 44.963414][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 44.990871][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 44.992954][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.000125][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.005447][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.007464][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.014763][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.025776][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.028414][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.038875][ T5944] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.044659][ T5944] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.047050][ T5944] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.055597][ T5944] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.060658][ T5954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 45.066247][ T5954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 45.078538][ T5945] team0: Port device team_slave_0 added [ 45.082136][ T5945] team0: Port device team_slave_1 added [ 45.099906][ T5954] team0: Port device team_slave_0 added [ 45.102965][ T5954] team0: Port device team_slave_1 added [ 45.135099][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.137044][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.144634][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.168989][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 45.171026][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.178304][ T5954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 45.181836][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.183898][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.192591][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.209246][ T5942] hsr_slave_0: entered promiscuous mode [ 45.211397][ T5942] hsr_slave_1: entered promiscuous mode [ 45.214568][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 45.216559][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 45.224217][ T5954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 45.231399][ T5944] hsr_slave_0: entered promiscuous mode [ 45.233390][ T5944] hsr_slave_1: entered promiscuous mode [ 45.235225][ T5944] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 45.237455][ T5944] Cannot create hsr debugfs directory [ 45.294691][ T5954] hsr_slave_0: entered promiscuous mode [ 45.296692][ T5954] hsr_slave_1: entered promiscuous mode [ 45.298560][ T5954] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 45.300766][ T5954] Cannot create hsr debugfs directory [ 45.327530][ T5945] hsr_slave_0: entered promiscuous mode [ 45.329462][ T5945] hsr_slave_1: entered promiscuous mode [ 45.331293][ T5945] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 45.333644][ T5945] Cannot create hsr debugfs directory [ 45.450745][ T5954] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 45.456621][ T5954] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 45.461016][ T5954] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 45.465660][ T5954] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 45.524326][ T5942] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 45.529855][ T5942] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 45.533352][ T5942] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 45.537534][ T5942] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 45.556294][ T5944] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 45.560545][ T5944] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 45.564001][ T5944] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 45.567103][ T5944] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 45.600671][ T5945] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 45.604679][ T5945] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 45.609261][ T5945] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 45.613210][ T5945] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 45.637280][ T5954] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.659328][ T5954] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.664380][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.679883][ T1210] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.682358][ T1210] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.687700][ T1210] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.689813][ T1210] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.695582][ T5944] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.704090][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.710125][ T1134] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.712236][ T1134] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.717683][ T64] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.719762][ T64] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.731827][ T5944] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.747678][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.749825][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.765932][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.768983][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.776037][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 45.790975][ T5944] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 45.794128][ T5944] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 45.812821][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 45.816989][ T1210] bridge0: port 1(bridge_slave_0) entered blocking state [ 45.819891][ T1210] bridge0: port 1(bridge_slave_0) entered forwarding state [ 45.832715][ T1210] bridge0: port 2(bridge_slave_1) entered blocking state [ 45.834788][ T1210] bridge0: port 2(bridge_slave_1) entered forwarding state [ 45.856938][ T5954] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.873712][ T5944] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.879833][ T5954] veth0_vlan: entered promiscuous mode [ 45.885285][ T5954] veth1_vlan: entered promiscuous mode [ 45.895148][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.909322][ T5954] veth0_macvtap: entered promiscuous mode [ 45.917939][ T5944] veth0_vlan: entered promiscuous mode [ 45.922994][ T5944] veth1_vlan: entered promiscuous mode [ 45.926021][ T5954] veth1_macvtap: entered promiscuous mode [ 45.936166][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 45.940314][ T5942] veth0_vlan: entered promiscuous mode [ 45.945556][ T5942] veth1_vlan: entered promiscuous mode [ 45.948556][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 45.952942][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 45.958812][ T5954] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.961430][ T5954] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.964687][ T5954] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.967242][ T5954] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 45.983991][ T5944] veth0_macvtap: entered promiscuous mode [ 45.991091][ T5944] veth1_macvtap: entered promiscuous mode [ 46.014722][ T5945] veth0_vlan: entered promiscuous mode [ 46.019089][ T5945] veth1_vlan: entered promiscuous mode [ 46.023446][ T5942] veth0_macvtap: entered promiscuous mode [ 46.029497][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.033315][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.037002][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.041046][ T5942] veth1_macvtap: entered promiscuous mode [ 46.049208][ T1210] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.052877][ T1210] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.056092][ T5944] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.059276][ T5944] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.063097][ T5944] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.078568][ T5944] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.081168][ T5944] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.084094][ T5944] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.086692][ T5944] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.090413][ T5945] veth0_macvtap: entered promiscuous mode [ 46.097042][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.101777][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.106344][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.109566][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.113123][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.116496][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.120270][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.125330][ T5945] veth1_macvtap: entered promiscuous mode [ 46.131437][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.134605][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.138307][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.141773][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.145312][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.149236][ T5942] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.152047][ T5942] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.155619][ T5942] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.158804][ T5942] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.170307][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.174322][ T5954] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 46.174698][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.182749][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.186550][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.189939][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 46.193053][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.196418][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 46.200920][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.204050][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.206858][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.209857][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.213565][ T5945] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 46.216560][ T5945] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 46.219833][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 46.223093][ T5945] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.225635][ T5945] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.228185][ T5945] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.231192][ T5945] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 46.255963][ T1210] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.258266][ T1210] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.285222][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.287519][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.297578][ T1134] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.300566][ T1134] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.317041][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.319202][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.328781][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.331399][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.335268][ T1134] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 46.337961][ T1134] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 46.372569][ T5956] Bluetooth: hci2: command tx timeout [ 46.372640][ T5297] Bluetooth: hci3: command tx timeout [ 46.374439][ T5956] Bluetooth: hci1: command tx timeout [ 46.376160][ T5297] Bluetooth: hci0: command tx timeout [ 46.452916][ T6025] netlink: 12 bytes leftover after parsing attributes in process `syz.3.6'. [ 46.843956][ T6042] pim6reg1: entered promiscuous mode [ 46.845703][ T6042] pim6reg1: entered allmulticast mode [ 46.952019][ T0] NOHZ tick-stop error: local softirq work is pending, handler #282!!! [ 47.813825][ T6067] netlink: 1 bytes leftover after parsing attributes in process `syz.1.17'. [ 47.828690][ T5985] hid-generic 0005:10CF:0009.0002: item fetching failed at offset 0/1 [ 47.831340][ T5985] hid-generic 0005:10CF:0009.0002: probe with driver hid-generic failed with error -22 [ 48.311630][ T1320] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 48.452366][ T5959] Bluetooth: hci1: command tx timeout [ 48.453587][ T5297] Bluetooth: hci0: command tx timeout [ 48.454407][ T5956] Bluetooth: hci3: command tx timeout [ 48.454431][ T5956] Bluetooth: hci2: command tx timeout [ 48.464473][ T1320] usb 8-1: New USB device found, idVendor=79cc, idProduct=980d, bcdDevice=b6.8e [ 48.467749][ T1320] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 48.473796][ T1320] usb 8-1: config 0 descriptor?? [ 48.479676][ T1320] usb-storage 8-1:0.0: USB Mass Storage device detected [ 49.199727][ T5985] usb 8-1: USB disconnect, device number 2 [ 49.816744][ T6113] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 50.232587][ T6123] netlink: 4 bytes leftover after parsing attributes in process `syz.3.33'. [ 50.237122][ T6123] netlink: 4 bytes leftover after parsing attributes in process `syz.3.33'. [ 50.240865][ T6123] netlink: 4 bytes leftover after parsing attributes in process `syz.3.33'. [ 50.490207][ T6130] debugfs: Directory 'ttyS3' with parent 'caif_serial' already present! [ 50.531834][ T5297] Bluetooth: hci0: command tx timeout [ 50.541678][ T5297] Bluetooth: hci2: command tx timeout [ 50.541806][ T5959] Bluetooth: hci1: command tx timeout [ 50.541928][ T66] Bluetooth: hci3: command tx timeout [ 51.146775][ T6161] netdevsim netdevsim1: Direct firmware load for . [ 51.146775][ T6161] failed with error -2 [ 51.149917][ T6161] netdevsim netdevsim1: Falling back to sysfs fallback for: . [ 51.149917][ T6161] [ 51.270705][ T6164] kvm: pic: level sensitive irq not supported [ 51.271440][ T6164] kvm: pic: non byte write [ 51.276362][ T6164] kvm: pic: non byte write [ 51.278212][ T6164] kvm: pic: non byte write [ 51.280424][ T6164] kvm: pic: non byte write [ 51.284124][ T6164] kvm: pic: non byte write [ 51.287477][ T6164] kvm: pic: non byte write [ 51.289627][ T6164] kvm: pic: non byte write [ 51.291449][ T6164] kvm: pic: non byte write [ 51.293665][ T6164] kvm: pic: non byte write [ 51.298967][ T6164] kvm: pic: non byte write [ 51.356531][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.359123][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.361722][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.366186][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.369813][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.373356][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.375864][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 51.378306][ T0] NOHZ tick-stop error: local softirq work is pending, handler #240!!! [ 51.380786][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 52.014489][ T39] audit: type=1326 audit(1738241669.953:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6159 comm="syz.2.43" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7fc00000 [ 52.030998][ T6190] netlink: 4 bytes leftover after parsing attributes in process `syz.3.52'. [ 52.054681][ T39] audit: type=1800 audit(1738241669.993:3): pid=6192 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.2.53" name="/" dev="9p" ino=154 res=0 errno=0 [ 52.087164][ T6190] bond1 (unregistering): Released all slaves [ 52.611601][ T5297] Bluetooth: hci1: command tx timeout [ 52.612104][ T66] Bluetooth: hci3: command tx timeout [ 52.621615][ T66] Bluetooth: hci2: command tx timeout [ 52.621746][ T5297] Bluetooth: hci0: command tx timeout [ 52.734521][ T6208] misc userio: Invalid payload size [ 52.740635][ T6208] misc userio: Invalid payload size [ 53.091966][ T6218] netlink: 24 bytes leftover after parsing attributes in process `syz.2.61'. [ 53.098274][ T6218] netlink: 4 bytes leftover after parsing attributes in process `syz.2.61'. [ 53.138123][ T6218] hsr_slave_0 (unregistering): left promiscuous mode [ 53.649348][ T6230] Zero length message leads to an empty skb [ 53.824468][ T6241] IPv6: addrconf: prefix option has invalid lifetime [ 53.912471][ T6247] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 54.008129][ T39] audit: type=1804 audit(1738241671.943:4): pid=6255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.74" name="/newroot/28/file1" dev="fuse" ino=1 res=1 errno=0 [ 54.013761][ T39] audit: type=1800 audit(1738241671.943:5): pid=6255 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.74" name="/" dev="fuse" ino=1 res=0 errno=0 [ 54.019164][ T39] audit: type=1804 audit(1738241671.943:6): pid=6250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.74" name="/newroot/28/file1" dev="fuse" ino=1 res=1 errno=0 [ 54.025726][ T39] audit: type=1804 audit(1738241671.943:7): pid=6250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.3.74" name="/newroot/28/file1" dev="fuse" ino=1 res=1 errno=0 [ 54.031162][ T39] audit: type=1800 audit(1738241671.943:8): pid=6250 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.3.74" name="/" dev="fuse" ino=1 res=0 errno=0 [ 54.426164][ T6280] netlink: 32 bytes leftover after parsing attributes in process `syz.1.84'. [ 54.680139][ T6282] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 54.682822][ T6282] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 54.691679][ T5959] Bluetooth: hci1: command 0x0406 tx timeout [ 54.692456][ T6282] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 54.696999][ T6282] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 54.698928][ T6282] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 54.701224][ T6282] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 54.702948][ T6282] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 54.704878][ T6282] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 54.706752][ T6282] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 54.708311][ T6282] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 54.717321][ T6282] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 55.158204][ T6318] netlink: 'syz.0.94': attribute type 21 has an invalid length. [ 55.160560][ T6318] netlink: 'syz.0.94': attribute type 6 has an invalid length. [ 55.163061][ T6318] netlink: 132 bytes leftover after parsing attributes in process `syz.0.94'. [ 55.257625][ T63] kernel read not supported for file /42/net/igmp (pid: 63 comm: kworker/1:1) [ 55.799955][ T6337] netlink: 28 bytes leftover after parsing attributes in process `syz.3.100'. [ 55.802718][ T6337] netlink: 8 bytes leftover after parsing attributes in process `syz.3.100'. [ 55.883575][ T6339] block nbd3: shutting down sockets [ 56.100293][ T6342] netlink: 4 bytes leftover after parsing attributes in process `syz.2.102'. [ 56.412477][ T6345] ======================================================= [ 56.412477][ T6345] WARNING: The mand mount option has been deprecated and [ 56.412477][ T6345] and is ignored by this kernel. Remove the mand [ 56.412477][ T6345] option from the mount to silence this warning. [ 56.412477][ T6345] ======================================================= [ 56.424707][ T6345] fuse: Bad value for 'fd' [ 56.701764][ T5297] Bluetooth: hci0: command 0x0c1a tx timeout [ 56.771652][ T5297] Bluetooth: hci3: command 0x0c1a tx timeout [ 56.771674][ T5959] Bluetooth: hci2: command 0x0c1a tx timeout [ 56.773239][ T66] Bluetooth: hci1: command 0x0406 tx timeout [ 56.904857][ T6367] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 56.908084][ T6367] overlayfs: failed to set xattr on upper [ 56.910241][ T6367] overlayfs: ...falling back to redirect_dir=nofollow. [ 56.914009][ T6367] overlayfs: ...falling back to index=off. [ 56.916223][ T6367] overlayfs: ...falling back to uuid=null. [ 57.025922][ T6379] syz.2.117 uses obsolete (PF_INET,SOCK_PACKET) [ 57.088069][ T5320] IPVS: starting estimator thread 0... [ 57.174379][ T6381] IPVS: using max 39 ests per chain, 93600 per kthread [ 57.472602][ T6378] syz.3.115 (6378): drop_caches: 1 [ 57.516812][ T6378] syz.3.115 (6378): drop_caches: 1 [ 58.041137][ T6391] netlink: 12 bytes leftover after parsing attributes in process `syz.0.120'. [ 58.240154][ T6406] kvm: requested 4190 ns i8254 timer period limited to 200000 ns [ 58.254257][ T6406] kvm: pic: non byte read [ 58.254710][ T6409] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 58.258108][ T6409] overlayfs: failed to set xattr on upper [ 58.259657][ T6406] kvm: pic: non byte read [ 58.259866][ T6409] overlayfs: ...falling back to redirect_dir=nofollow. [ 58.265055][ T6406] kvm: pic: non byte read [ 58.265405][ T6409] overlayfs: ...falling back to index=off. [ 58.268553][ T6409] overlayfs: ...falling back to uuid=null. [ 58.269022][ T6406] kvm: pic: single mode not supported [ 58.278816][ T6406] kvm: pic: non byte read [ 58.287268][ T6406] kvm: pic: non byte read [ 58.290448][ T6406] kvm: pic: non byte read [ 58.294048][ T6406] kvm: pic: non byte read [ 58.297803][ T6406] kvm: pic: single mode not supported [ 58.297812][ T6406] kvm: pic: level sensitive irq not supported [ 58.300019][ T6406] kvm: pic: non byte read [ 58.308968][ T6406] kvm: pic: level sensitive irq not supported [ 58.309396][ T6406] kvm: pic: non byte read [ 58.322819][ T6406] kvm: pic: level sensitive irq not supported [ 58.323077][ T6406] kvm: pic: non byte read [ 58.329787][ T6406] kvm: pic: single mode not supported [ 58.330972][ T6406] kvm: pic: level sensitive irq not supported [ 58.334060][ T6406] kvm: pic: single mode not supported [ 58.335913][ T6406] kvm: pic: level sensitive irq not supported [ 58.339121][ T6406] kvm: pic: single mode not supported [ 58.344422][ T6406] kvm: pic: single mode not supported [ 58.346113][ T6406] kvm: pic: level sensitive irq not supported [ 58.357989][ T6406] kvm: pic: level sensitive irq not supported [ 58.361191][ T6406] kvm: pic: single mode not supported [ 58.367450][ T6406] kvm: pic: single mode not supported [ 58.373983][ T6406] kvm: pic: single mode not supported [ 58.375826][ T6406] kvm: pic: level sensitive irq not supported [ 58.383229][ T6406] kvm: pic: level sensitive irq not supported [ 58.386457][ T6406] kvm: pic: level sensitive irq not supported [ 58.390726][ T6406] kvm: pic: single mode not supported [ 58.747408][ T6436] netlink: 4 bytes leftover after parsing attributes in process `syz.3.138'. [ 58.794719][ T5959] Bluetooth: hci0: command 0x0c1a tx timeout [ 58.851695][ T5959] Bluetooth: hci1: command 0x0406 tx timeout [ 58.854480][ T5297] Bluetooth: hci3: command 0x0c1a tx timeout [ 58.861746][ T5959] Bluetooth: hci2: command 0x0c1a tx timeout [ 59.509406][ T39] audit: type=1804 audit(1738241677.443:9): pid=6442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.140" name="/newroot/39/file1" dev="fuse" ino=1 res=1 errno=0 [ 59.518987][ T39] audit: type=1800 audit(1738241677.443:10): pid=6442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.140" name="/" dev="fuse" ino=1 res=0 errno=0 [ 59.528568][ T39] audit: type=1804 audit(1738241677.443:11): pid=6442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.140" name="/newroot/39/file1" dev="fuse" ino=1 res=1 errno=0 [ 59.535062][ T39] audit: type=1804 audit(1738241677.443:12): pid=6442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=ToMToU comm="syz.1.140" name="/newroot/39/file1" dev="fuse" ino=1 res=1 errno=0 [ 59.551730][ T39] audit: type=1800 audit(1738241677.443:13): pid=6442 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.1.140" name="/" dev="fuse" ino=1 res=0 errno=0 [ 59.569721][ T6451] netlink: 4 bytes leftover after parsing attributes in process `syz.1.143'. [ 59.576798][ T6451] netlink: 4 bytes leftover after parsing attributes in process `syz.1.143'. [ 59.583089][ T6451] netlink: 4 bytes leftover after parsing attributes in process `syz.1.143'. [ 60.082210][ T6474] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 60.437586][ T6486] Illegal XDP return value 174789183 on prog (id 32) dev N/A, expect packet loss! [ 60.852453][ T5959] Bluetooth: hci0: command 0x0c1a tx timeout [ 60.931676][ T5959] Bluetooth: hci2: command 0x0c1a tx timeout [ 60.933226][ T5297] Bluetooth: hci3: command 0x0c1a tx timeout [ 61.100926][ T6516] syzkaller0: entered promiscuous mode [ 61.102797][ T6516] syzkaller0: entered allmulticast mode [ 62.017973][ T39] audit: type=1800 audit(1738241679.953:14): pid=6534 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed comm="syz.1.175" name="SYSV00000000" dev="hugetlbfs" ino=0 res=0 errno=0 [ 62.424934][ T6562] overlayfs: failed to clone upperpath [ 62.502345][ T6571] Bluetooth: MGMT ver 1.23 [ 62.514886][ T6570] pim6reg1: entered promiscuous mode [ 62.516472][ T6570] pim6reg1: entered allmulticast mode [ 62.677416][ T6584] netlink: 4 bytes leftover after parsing attributes in process `syz.3.194'. [ 62.776240][ T6598] netlink: 'syz.1.200': attribute type 10 has an invalid length. [ 62.780152][ T6598] bond0: (slave wlan1): Enslaving as an active interface with an up link [ 62.788485][ T6598] warning: `syz.1.200' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 62.856271][ T6607] netlink: 'syz.2.203': attribute type 4 has an invalid length. [ 62.869120][ T6607] netlink: 'syz.2.203': attribute type 4 has an invalid length. [ 62.876493][ T6611] netlink: 'syz.1.205': attribute type 10 has an invalid length. [ 63.215403][ T6632] netlink: 24 bytes leftover after parsing attributes in process `syz.1.210'. [ 63.437674][ T6644] netlink: 'syz.1.214': attribute type 4 has an invalid length. [ 63.698837][ T6667] netlink: 12 bytes leftover after parsing attributes in process `syz.1.223'. [ 63.716439][ T6667] netlink: 4 bytes leftover after parsing attributes in process `syz.1.223'. [ 63.719245][ T6667] bridge_slave_1: left allmulticast mode [ 63.720997][ T6667] bridge_slave_1: left promiscuous mode [ 63.725181][ T6667] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.743463][ T6667] bridge_slave_0: left allmulticast mode [ 63.745850][ T6667] bridge_slave_0: left promiscuous mode [ 63.747633][ T6667] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.919061][ T6675] netlink: 'syz.3.227': attribute type 4 has an invalid length. [ 63.930390][ T6675] netlink: 'syz.3.227': attribute type 4 has an invalid length. [ 63.946691][ T6677] sit0: entered promiscuous mode [ 63.948345][ T6677] vlan2: entered promiscuous mode [ 63.958119][ T6677] sit0: left promiscuous mode [ 63.974652][ T6679] trusted_key: syz.1.229 sent an empty control message without MSG_MORE. [ 64.305379][ T6700] Process accounting resumed [ 64.341908][ T6705] overlayfs: failed to clone upperpath [ 64.615624][ T6726] netlink: 'syz.0.247': attribute type 1 has an invalid length. [ 64.635618][ T6726] 8021q: adding VLAN 0 to HW filter on device bond1 [ 64.651918][ T6726] bond1: (slave bridge2): making interface the new active one [ 64.654746][ T6726] bond1: (slave bridge2): Enslaving as an active interface with an up link [ 64.668724][ T6726] vlan2: entered promiscuous mode [ 64.670252][ T6726] bond1: entered promiscuous mode [ 64.672703][ T6726] bridge2: entered promiscuous mode [ 64.679164][ T6726] vlan2: entered allmulticast mode [ 64.680685][ T6726] bond1: entered allmulticast mode [ 64.682271][ T6726] bridge2: entered allmulticast mode [ 64.989845][ T6743] mmap: syz.0.255 (6743) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 65.066214][ T6759] netlink: 4 bytes leftover after parsing attributes in process `syz.2.259'. [ 65.363384][ T6772] overlayfs: failed to clone upperpath [ 66.148026][ T6789] evm: overlay not supported [ 66.153746][ T6789] overlayfs: failed to get index nlink (file1/bus, err=-61) [ 66.323123][ T6792] netlink: 4 bytes leftover after parsing attributes in process `syz.3.271'. [ 66.500620][ T6808] uprobe: syz.2.277:6808 failed to unregister, leaking uprobe [ 66.634728][ T6817] netlink: 'syz.1.281': attribute type 9 has an invalid length. [ 66.637060][ T6817] netlink: 8 bytes leftover after parsing attributes in process `syz.1.281'. [ 66.682348][ T6821] bond0: (slave bond_slave_0): Releasing backup interface [ 66.687032][ T6821] bond0: (slave bond_slave_1): Releasing backup interface [ 66.698386][ T6821] team0: Port device team_slave_0 removed [ 66.707614][ T6821] team0: Port device team_slave_1 removed [ 66.709653][ T6821] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 66.712226][ T6821] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 66.716159][ T6821] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 66.718380][ T6821] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 66.724356][ T6821] bond0: (slave wlan1): Releasing backup interface [ 66.743338][ T6823] block device autoloading is deprecated and will be removed. [ 66.749848][ T6824] bond0: entered promiscuous mode [ 66.759629][ T6824] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 66.764535][ T6824] bond0: left promiscuous mode [ 66.908022][ T6832] process 'syz.1.287' launched './file1' with NULL argv: empty string added [ 67.003441][ T5984] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 67.157654][ T6840] netlink: 4 bytes leftover after parsing attributes in process `syz.3.290'. [ 67.161250][ T6840] netlink: 12 bytes leftover after parsing attributes in process `syz.3.290'. [ 67.173830][ T5984] usb 7-1: config 0 has no interfaces? [ 67.176385][ T5984] usb 7-1: New USB device found, idVendor=05ac, idProduct=8243, bcdDevice=8b.40 [ 67.179361][ T5984] usb 7-1: New USB device strings: Mfr=11, Product=0, SerialNumber=0 [ 67.182145][ T5984] usb 7-1: Manufacturer: syz [ 67.190168][ T5984] usb 7-1: config 0 descriptor?? [ 67.227178][ T6842] 9pnet: p9_errstr2errno: server reported unknown error 184467440737 [ 67.462916][ T6819] md2: using deprecated bitmap file support [ 67.465033][ T6819] md2: error: bitmap file is already in use [ 67.475536][ T5984] usb 7-1: USB disconnect, device number 2 [ 68.034613][ T39] audit: type=1326 audit(1738241685.973:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6886 comm="syz.2.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 68.040746][ T39] audit: type=1326 audit(1738241685.973:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6886 comm="syz.2.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 68.074735][ T39] audit: type=1326 audit(1738241685.973:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6886 comm="syz.2.309" exe="/syz-executor" sig=0 arch=40000003 syscall=192 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 68.111784][ T39] audit: type=1326 audit(1738241686.053:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6886 comm="syz.2.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 68.119361][ T39] audit: type=1326 audit(1738241686.053:19): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6886 comm="syz.2.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 68.209114][ T39] audit: type=1326 audit(1738241686.143:20): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6886 comm="syz.2.309" exe="/syz-executor" sig=0 arch=40000003 syscall=219 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 68.224170][ T39] audit: type=1326 audit(1738241686.153:21): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6886 comm="syz.2.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 68.233227][ T6887] capability: warning: `syz.2.309' uses 32-bit capabilities (legacy support in use) [ 68.241109][ T39] audit: type=1326 audit(1738241686.153:22): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6886 comm="syz.2.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 68.259971][ T39] audit: type=1326 audit(1738241686.173:23): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6886 comm="syz.2.309" exe="/syz-executor" sig=0 arch=40000003 syscall=185 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 68.300367][ T39] audit: type=1326 audit(1738241686.173:24): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6886 comm="syz.2.309" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf744e579 code=0x7ffc0000 [ 68.361061][ T6864] Set syz1 is full, maxelem 65536 reached [ 68.540063][ T6902] overlayfs: failed to clone upperpath [ 69.506503][ T6925] netlink: 24 bytes leftover after parsing attributes in process `syz.1.323'. [ 69.831718][ T9] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 69.981603][ T9] usb 6-1: Using ep0 maxpacket: 32 [ 69.986541][ T9] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 69.988971][ T9] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 69.991461][ T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 69.994767][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 70.001584][ T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 70.004381][ T9] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 70.008106][ T9] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 70.010730][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.023165][ T9] usb 6-1: config 0 descriptor?? [ 70.242314][ T9] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 2 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 70.249402][ T9] usb 6-1: USB disconnect, device number 2 [ 70.257611][ T9] usblp0: removed [ 70.681705][ T9] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 70.831701][ T9] usb 6-1: Using ep0 maxpacket: 32 [ 70.837189][ T9] usb 6-1: config index 0 descriptor too short (expected 29220, got 36) [ 70.839821][ T9] usb 6-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 70.842508][ T9] usb 6-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 70.845129][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 70.847950][ T9] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 70.851253][ T9] usb 6-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 70.856545][ T9] usb 6-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 70.860233][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.864365][ T9] usb 6-1: config 0 descriptor?? [ 70.867544][ T1414] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.870505][ T1414] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.959099][ T6960] netlink: 28 bytes leftover after parsing attributes in process `syz.2.335'. [ 70.961909][ T6960] tipc: Started in network mode [ 70.963464][ T6960] tipc: Node identity 7, cluster identity 5 [ 70.965332][ T6960] tipc: Node number set to 7 [ 71.075589][ T9] usblp 6-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 71.333677][ C3] usblp0: nonzero read bulk status received: -71 [ 71.333789][ T1463] usb 6-1: USB disconnect, device number 3 [ 71.336875][ T6929] usblp0: error -71 reading from printer [ 71.344114][ T6971] veth0_to_team: entered promiscuous mode [ 71.346325][ T6971] veth0_to_team: entered allmulticast mode [ 71.394865][ T6975] netlink: 12 bytes leftover after parsing attributes in process `syz.3.341'. [ 71.544445][ T6928] usblp0: removed [ 71.730866][ T7001] overlayfs: failed to clone upperpath [ 71.962925][ T7017] »»»»»»çÿÆåS›2d: renamed from lo (while UP) [ 73.048511][ T7048] netlink: 12 bytes leftover after parsing attributes in process `syz.3.370'. [ 73.051602][ T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 73.067169][ T7048] bridge_slave_1: left allmulticast mode [ 73.068897][ T7048] bridge_slave_1: left promiscuous mode [ 73.070667][ T7048] bridge0: port 2(bridge_slave_1) entered disabled state [ 73.074925][ T7048] bridge3: port 1(bridge_slave_1) entered blocking state [ 73.077075][ T7048] bridge3: port 1(bridge_slave_1) entered disabled state [ 73.079598][ T7048] bridge_slave_1: entered allmulticast mode [ 73.087372][ T7048] bridge_slave_1: entered promiscuous mode [ 73.216446][ T9] usb 7-1: config 0 has 0 interfaces, different from the descriptor's value: 1 [ 73.222141][ T9] usb 7-1: New USB device found, idVendor=091e, idProduct=0003, bcdDevice=d7.3b [ 73.224962][ T9] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 73.227523][ T9] usb 7-1: Product: syz [ 73.228854][ T9] usb 7-1: Manufacturer: syz [ 73.230372][ T9] usb 7-1: SerialNumber: syz [ 73.242184][ T9] usb 7-1: config 0 descriptor?? [ 73.397556][ T7059] sch_tbf: burst 19872 is lower than device lo mtu (65550) ! [ 73.660672][ T5950] usb 7-1: USB disconnect, device number 3 [ 74.196984][ T7066] netlink: 4 bytes leftover after parsing attributes in process `syz.2.376'. [ 74.200533][ T7066] netlink: 4 bytes leftover after parsing attributes in process `syz.2.376'. [ 74.205963][ T7066] netlink: 4 bytes leftover after parsing attributes in process `syz.2.376'. [ 74.213777][ T7067] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 74.757347][ T7095] netlink: 28 bytes leftover after parsing attributes in process `syz.1.385'. [ 74.760875][ T7095] netlink: 28 bytes leftover after parsing attributes in process `syz.1.385'. [ 75.202715][ T7108] netlink: 12 bytes leftover after parsing attributes in process `syz.0.388'. [ 75.215118][ T7108] netlink: 4 bytes leftover after parsing attributes in process `syz.0.388'. [ 75.874416][ T39] kauditd_printk_skb: 6 callbacks suppressed [ 75.874427][ T39] audit: type=1326 audit(1738241693.813:31): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7102 comm="syz.1.387" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7ff8579 code=0x7fc00000 [ 75.976781][ T35] cfg80211: failed to load regulatory.db [ 76.844424][ T7162] picdev_read: 102 callbacks suppressed [ 76.844441][ T7162] kvm: pic: non byte read [ 76.848313][ T7162] kvm: pic: non byte read [ 76.849996][ T7162] kvm: pic: non byte read [ 76.851749][ T7162] kvm: pic: non byte read [ 76.853625][ T7162] kvm: pic: non byte read [ 76.855590][ T7162] kvm: pic: non byte read [ 76.857263][ T7162] kvm: pic: non byte read [ 76.858943][ T7162] kvm: pic: non byte read [ 76.860586][ T7162] kvm: pic: non byte read [ 76.862390][ T7162] kvm: pic: non byte read [ 77.049031][ T7175] netlink: 'syz.1.410': attribute type 21 has an invalid length. [ 77.051410][ T7175] netlink: 'syz.1.410': attribute type 6 has an invalid length. [ 77.053785][ T7175] netlink: 132 bytes leftover after parsing attributes in process `syz.1.410'. [ 77.908059][ T7180] bridge_slave_0: left allmulticast mode [ 77.910390][ T7180] bridge_slave_0: left promiscuous mode [ 77.913060][ T7180] bridge0: port 1(bridge_slave_0) entered disabled state [ 77.925699][ T7180] bridge_slave_1: left allmulticast mode [ 77.927985][ T7180] bridge_slave_1: left promiscuous mode [ 77.930363][ T7180] bridge3: port 1(bridge_slave_1) entered disabled state [ 77.952018][ T7180] bond0: (slave bond_slave_0): Releasing backup interface [ 77.956363][ T7180] bond0: (slave bond_slave_1): Releasing backup interface [ 77.967543][ T7180] team0: Port device team_slave_0 removed [ 77.974172][ T7180] team0: Port device team_slave_1 removed [ 77.976675][ T7180] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 77.978860][ T7180] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 77.983154][ T7180] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 77.985644][ T7180] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 78.071335][ T7180] bond0: entered promiscuous mode [ 78.073250][ T7180] 8021q: adding VLAN 0 to HW filter on device macvlan2 [ 78.076853][ T7180] bond0: left promiscuous mode [ 78.477675][ T7194] sch_tbf: burst 19872 is lower than device lo mtu (11337746) ! [ 78.562688][ T7203] netlink: 'syz.0.420': attribute type 4 has an invalid length. [ 78.884836][ T6005] libceph: connect (1)[c::]:6789 error -101 [ 78.887463][ T6005] libceph: mon0 (1)[c::]:6789 connect error [ 78.919634][ T7216] netlink: 12 bytes leftover after parsing attributes in process `syz.1.424'. [ 79.021767][ T7212] ceph: No mds server is up or the cluster is laggy [ 79.522776][ T7244] dccp_invalid_packet: P.Data Offset(4) too small [ 79.530964][ T7244] netlink: 'syz.2.432': attribute type 1 has an invalid length. [ 79.538319][ T7244] bond1: entered promiscuous mode [ 79.539973][ T7244] 8021q: adding VLAN 0 to HW filter on device bond1 [ 79.583765][ T7244] 8021q: adding VLAN 0 to HW filter on device bond1 [ 79.585866][ T7244] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 79.588847][ T7244] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 79.593152][ T7244] bond1: (slave ip6gre1): making interface the new active one [ 79.595363][ T7244] ip6gre1: entered promiscuous mode [ 79.597455][ T7244] bond1: (slave ip6gre1): Enslaving as an active interface with an up link [ 79.615821][ T7244] netlink: 4 bytes leftover after parsing attributes in process `syz.2.432'. [ 79.682520][ T7244] bond1 (unregistering): (slave ip6gre1): Releasing backup interface [ 79.684893][ T7244] ip6gre1: left promiscuous mode [ 79.687796][ T7244] bond1 (unregistering): Released all slaves [ 80.825206][ T7261] netlink: 'syz.0.444': attribute type 4 has an invalid length. [ 80.831071][ T7261] netlink: 'syz.0.444': attribute type 4 has an invalid length. [ 81.654610][ T1320] libceph: connect (1)[c::]:6789 error -101 [ 81.657244][ T1320] libceph: mon0 (1)[c::]:6789 connect error [ 81.805328][ T7265] ceph: No mds server is up or the cluster is laggy [ 81.917287][ T7280] misc userio: Invalid payload size [ 81.919117][ T7280] misc userio: Invalid payload size [ 83.038387][ T7319] netlink: 8 bytes leftover after parsing attributes in process `syz.1.449'. [ 83.064129][ T7317] netlink: 4 bytes leftover after parsing attributes in process `syz.0.450'. [ 83.075134][ T7317] team1: entered promiscuous mode [ 83.077384][ T7317] 8021q: adding VLAN 0 to HW filter on device team1 [ 83.860072][ T7319] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 83.863193][ T7319] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 83.872421][ T7319] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 83.875919][ T7319] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 83.888889][ T7319] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 83.891903][ T7319] Bluetooth: hci3: Error when powering off device on rfkill (-4) [ 84.530595][ T7357] uprobe: syz.0.471:7357 failed to unregister, leaking uprobe [ 84.942673][ T7371] dccp_invalid_packet: P.Data Offset(4) too small [ 84.948603][ T7371] netlink: 'syz.3.468': attribute type 1 has an invalid length. [ 84.959179][ T7371] bond1: entered promiscuous mode [ 84.961044][ T7371] 8021q: adding VLAN 0 to HW filter on device bond1 [ 84.990869][ T7371] 8021q: adding VLAN 0 to HW filter on device bond1 [ 84.994092][ T7371] bond1: (slave ip6gre1): The slave device specified does not support setting the MAC address [ 84.997241][ T7371] bond1: (slave ip6gre1): Setting fail_over_mac to active for active-backup mode [ 85.004145][ T7371] bond1: (slave ip6gre1): making interface the new active one [ 85.006361][ T7371] ip6gre1: entered promiscuous mode [ 85.008368][ T7371] bond1: (slave ip6gre1): Enslaving as an active interface with an up link [ 85.059102][ T7371] netlink: 4 bytes leftover after parsing attributes in process `syz.3.468'. [ 85.187356][ T7371] bond1 (unregistering): (slave ip6gre1): Releasing backup interface [ 85.190868][ T7371] ip6gre1: left promiscuous mode [ 85.194610][ T7371] bond1 (unregistering): Released all slaves [ 86.168137][ T7385] netlink: 8 bytes leftover after parsing attributes in process `syz.2.474'. [ 86.172398][ T7385] netlink: 4 bytes leftover after parsing attributes in process `syz.2.474'. [ 86.175576][ T7385] netlink: 32 bytes leftover after parsing attributes in process `syz.2.474'. [ 86.178212][ T7385] block nbd0: Unsupported socket: shutdown callout must be supported. [ 86.364067][ T7394] lo speed is unknown, defaulting to 1000 [ 86.367962][ T7394] lo speed is unknown, defaulting to 1000 [ 86.370481][ T7394] lo speed is unknown, defaulting to 1000 [ 86.412406][ T7394] infiniband sz1: set down [ 86.415129][ T6005] lo speed is unknown, defaulting to 1000 [ 86.417352][ T7394] infiniband sz1: added lo [ 86.421672][ T7397] netlink: 'syz.1.477': attribute type 1 has an invalid length. [ 86.424824][ T7397] netlink: 'syz.1.477': attribute type 3 has an invalid length. [ 86.428040][ T7397] netlink: 224 bytes leftover after parsing attributes in process `syz.1.477'. [ 86.432082][ T7397] »»»»»»7: renamed from lo [ 86.454628][ T7394] RDS/IB: sz1: added [ 86.456566][ T7394] smc: adding ib device sz1 with port count 1 [ 86.458876][ T7394] smc: ib device sz1 port 1 has pnetid [ 86.461873][ T1320] »»»»»»7 speed is unknown, defaulting to 1000 [ 86.465098][ T7394] »»»»»»7 speed is unknown, defaulting to 1000 [ 86.510259][ T7394] »»»»»»7 speed is unknown, defaulting to 1000 [ 86.551046][ T7394] »»»»»»7 speed is unknown, defaulting to 1000 [ 86.592210][ T7394] »»»»»»7 speed is unknown, defaulting to 1000 [ 87.043976][ T7406] netlink: 12 bytes leftover after parsing attributes in process `syz.3.481'. [ 87.513554][ T7426] overlayfs: missing 'lowerdir' [ 87.867756][ T7437] netlink: 20 bytes leftover after parsing attributes in process `syz.0.487'. [ 88.391012][ T7444] netlink: 4 bytes leftover after parsing attributes in process `syz.0.495'. [ 88.467394][ T7446] netlink: 'syz.2.496': attribute type 4 has an invalid length. [ 88.514335][ T7450] mac80211_hwsim hwsim5 syzkaller0: entered promiscuous mode [ 88.516530][ T7450] mac80211_hwsim hwsim5 syzkaller0: entered allmulticast mode [ 88.521551][ T1031] ------------[ cut here ]------------ [ 88.523272][ T1031] Invalid VIF (ffff88804c7a29d0) magic 0x0, 08:02:11:00:00:01, 2/1 [ 88.525749][ T1031] WARNING: CPU: 1 PID: 1031 at drivers/net/wireless/virtual/mac80211_hwsim.c:235 mac80211_hwsim_tx+0x1c48/0x24d0 [ 88.529190][ T1031] Modules linked in: [ 88.530475][ T1031] CPU: 1 UID: 0 PID: 1031 Comm: kworker/u32:5 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 88.535120][ T1031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.538176][ T1031] Workqueue: ipv6_addrconf addrconf_dad_work [ 88.539907][ T1031] RIP: 0010:mac80211_hwsim_tx+0x1c48/0x24d0 [ 88.541708][ T1031] Code: c0 74 08 3c 03 0f 8e 5a 08 00 00 45 8b 04 24 44 89 ea 4c 89 e6 48 c7 c7 00 cf 26 8c 49 8d 8c 24 5a 04 00 00 e8 69 4a 9b fa 90 <0f> 0b 90 90 e9 36 e6 ff ff e8 0a 62 da fa e8 65 86 bf fa 31 ff 89 [ 88.547155][ T1031] RSP: 0000:ffffc90006866d50 EFLAGS: 00010286 [ 88.548965][ T1031] RAX: 0000000000000000 RBX: ffff88801faf91c0 RCX: ffffffff8179c4f9 [ 88.551279][ T1031] RDX: ffff8880255fa440 RSI: ffffffff8179c506 RDI: 0000000000000001 [ 88.553610][ T1031] RBP: ffffc90006866e68 R08: 0000000000000001 R09: 0000000000000000 [ 88.555881][ T1031] R10: 0000000000000000 R11: 0000000000000009 R12: ffff88804c7a29d0 [ 88.558151][ T1031] R13: 0000000000000000 R14: ffff888069c230a0 R15: ffff88801faf9180 [ 88.560498][ T1031] FS: 0000000000000000(0000) GS:ffff88802b500000(0000) knlGS:0000000000000000 [ 88.563132][ T1031] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 88.565067][ T1031] CR2: 000000000c327743 CR3: 000000006d0ba000 CR4: 0000000000352ef0 [ 88.567359][ T1031] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 88.569633][ T1031] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 88.571962][ T1031] Call Trace: [ 88.572943][ T1031] [ 88.573835][ T1031] ? __warn+0xea/0x3c0 [ 88.575050][ T1031] ? mac80211_hwsim_tx+0x1c48/0x24d0 [ 88.576618][ T1031] ? report_bug+0x3c0/0x580 [ 88.577949][ T1031] ? handle_bug+0x54/0xa0 [ 88.579215][ T1031] ? exc_invalid_op+0x17/0x50 [ 88.580588][ T1031] ? asm_exc_invalid_op+0x1a/0x20 [ 88.582106][ T1031] ? __warn_printk+0x199/0x350 [ 88.583498][ T1031] ? __warn_printk+0x1a6/0x350 [ 88.584910][ T1031] ? mac80211_hwsim_tx+0x1c48/0x24d0 [ 88.586454][ T1031] ieee80211_handle_wake_tx_queue+0x18a/0x260 [ 88.588207][ T1031] ? __ieee80211_schedule_txq+0x167/0xc30 [ 88.589881][ T1031] ? __pfx_ieee80211_handle_wake_tx_queue+0x10/0x10 [ 88.591759][ T1031] ? __pfx___ieee80211_schedule_txq+0x10/0x10 [ 88.593530][ T1031] ? __local_bh_enable_ip+0xa4/0x120 [ 88.595084][ T1031] ieee80211_queue_skb+0x12b5/0x2010 [ 88.596624][ T1031] ieee80211_tx+0x2e6/0x420 [ 88.597961][ T1031] ? __pfx_ieee80211_tx+0x10/0x10 [ 88.599450][ T1031] ? rcu_is_watching+0x12/0xc0 [ 88.600862][ T1031] ? ieee80211_skb_resize+0x22a/0x630 [ 88.602478][ T1031] ? ieee80211_set_qos_hdr+0x357/0x3e0 [ 88.604069][ T1031] ieee80211_xmit+0x30e/0x3e0 [ 88.605463][ T1031] __ieee80211_subif_start_xmit+0xa62/0x1410 [ 88.607194][ T1031] ? __pfx___ieee80211_subif_start_xmit+0x10/0x10 [ 88.609061][ T1031] ? __lock_acquire+0x15a9/0x3c40 [ 88.610580][ T1031] ieee80211_subif_start_xmit+0x118/0x16c0 [ 88.612360][ T1031] ? __pfx___lock_acquire+0x10/0x10 [ 88.613871][ T1031] ? skb_network_protocol+0x127/0x6d0 [ 88.615449][ T1031] ? __pfx_ieee80211_subif_start_xmit+0x10/0x10 [ 88.617262][ T1031] ? lock_acquire.part.0+0x11b/0x380 [ 88.618800][ T1031] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 88.620441][ T1031] ? rcu_is_watching+0x12/0xc0 [ 88.621920][ T1031] ? dev_hard_start_xmit+0x9a/0x7b0 [ 88.623426][ T1031] dev_hard_start_xmit+0x9a/0x7b0 [ 88.625032][ T1031] __dev_queue_xmit+0x7f0/0x43e0 [ 88.626497][ T1031] ? __lock_acquire+0x15a9/0x3c40 [ 88.627962][ T1031] ? __pfx___dev_queue_xmit+0x10/0x10 [ 88.629537][ T1031] ? __free_zapped_classes+0x2b0/0x2f0 [ 88.631130][ T1031] ? __pfx___lock_acquire+0x10/0x10 [ 88.632703][ T1031] ? __pfx_mark_lock+0x10/0x10 [ 88.634110][ T1031] ? find_held_lock+0x2d/0x110 [ 88.635521][ T1031] ? skb_push+0x9a/0xf0 [ 88.636728][ T1031] ? eth_header+0x16a/0x1f0 [ 88.638068][ T1031] neigh_resolve_output+0x53a/0x940 [ 88.639590][ T1031] ip6_finish_output2+0xb20/0x2090 [ 88.641160][ T1031] ip6_finish_output+0x3f9/0x1360 [ 88.642752][ T1031] ip6_output+0x1f8/0x540 [ 88.644070][ T1031] ? __pfx_ip6_output+0x10/0x10 [ 88.645517][ T1031] ndisc_send_skb+0xa69/0x1c50 [ 88.646907][ T1031] ? __pfx_ndisc_send_skb+0x10/0x10 [ 88.648431][ T1031] ? __pfx_dst_output+0x10/0x10 [ 88.649858][ T1031] ? skb_set_owner_w+0x320/0x710 [ 88.651323][ T1031] ? __pfx_ipv6_get_ifaddr+0x10/0x10 [ 88.652903][ T1031] ? skb_put+0x138/0x1b0 [ 88.654211][ T1031] ndisc_send_rs+0x129/0x670 [ 88.655598][ T1031] addrconf_dad_completed+0x4a1/0x1060 [ 88.657193][ T1031] ? __pfx_addrconf_dad_completed+0x10/0x10 [ 88.658939][ T1031] ? mark_held_locks+0x9f/0xe0 [ 88.660378][ T1031] ? addrconf_dad_work+0xcf6/0x14e0 [ 88.662048][ T1031] addrconf_dad_work+0xcf6/0x14e0 [ 88.663661][ T1031] ? __pfx_addrconf_dad_work+0x10/0x10 [ 88.665272][ T1031] ? process_one_work+0x8bb/0x1b30 [ 88.666782][ T1031] ? lock_acquire+0x2f/0xb0 [ 88.668123][ T1031] ? process_one_work+0x8bb/0x1b30 [ 88.669637][ T1031] process_one_work+0x958/0x1b30 [ 88.671107][ T1031] ? __pfx_update_gid_event_work_handler+0x10/0x10 [ 88.673033][ T1031] ? __pfx_process_one_work+0x10/0x10 [ 88.674606][ T1031] ? assign_work+0x1a0/0x250 [ 88.675963][ T1031] worker_thread+0x6c8/0xf00 [ 88.677407][ T1031] ? __kthread_parkme+0x148/0x220 [ 88.678895][ T1031] ? __pfx_worker_thread+0x10/0x10 [ 88.680377][ T1031] kthread+0x3af/0x750 [ 88.681643][ T1031] ? __pfx_kthread+0x10/0x10 [ 88.682989][ T1031] ? lock_acquire+0x2f/0xb0 [ 88.684334][ T1031] ? __pfx_kthread+0x10/0x10 [ 88.685695][ T1031] ret_from_fork+0x45/0x80 [ 88.686996][ T1031] ? __pfx_kthread+0x10/0x10 [ 88.688344][ T1031] ret_from_fork_asm+0x1a/0x30 [ 88.689752][ T1031] [ 88.690681][ T1031] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 88.692774][ T1031] CPU: 1 UID: 0 PID: 1031 Comm: kworker/u32:5 Not tainted 6.13.0-syzkaller-09485-g72deda0abee6 #0 [ 88.695802][ T1031] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 88.698869][ T1031] Workqueue: ipv6_addrconf addrconf_dad_work [ 88.700601][ T1031] Call Trace: [ 88.701617][ T1031] [ 88.702488][ T1031] dump_stack_lvl+0x3d/0x1f0 [ 88.703831][ T1031] panic+0x71d/0x800 [ 88.705009][ T1031] ? __pfx_panic+0x10/0x10 [ 88.706331][ T1031] ? show_trace_log_lvl+0x29d/0x3d0 [ 88.707836][ T1031] ? check_panic_on_warn+0x1f/0xb0 [ 88.709344][ T1031] ? mac80211_hwsim_tx+0x1c48/0x24d0 [ 88.710903][ T1031] check_panic_on_warn+0xab/0xb0 [ 88.712335][ T1031] __warn+0xf6/0x3c0 [ 88.713472][ T1031] ? mac80211_hwsim_tx+0x1c48/0x24d0 [ 88.715003][ T1031] report_bug+0x3c0/0x580 [ 88.716264][ T1031] handle_bug+0x54/0xa0 [ 88.717494][ T1031] exc_invalid_op+0x17/0x50 [ 88.718839][ T1031] asm_exc_invalid_op+0x1a/0x20 [ 88.720258][ T1031] RIP: 0010:mac80211_hwsim_tx+0x1c48/0x24d0 [ 88.721998][ T1031] Code: c0 74 08 3c 03 0f 8e 5a 08 00 00 45 8b 04 24 44 89 ea 4c 89 e6 48 c7 c7 00 cf 26 8c 49 8d 8c 24 5a 04 00 00 e8 69 4a 9b fa 90 <0f> 0b 90 90 e9 36 e6 ff ff e8 0a 62 da fa e8 65 86 bf fa 31 ff 89 [ 88.727408][ T1031] RSP: 0000:ffffc90006866d50 EFLAGS: 00010286 [ 88.729167][ T1031] RAX: 0000000000000000 RBX: ffff88801faf91c0 RCX: ffffffff8179c4f9 [ 88.731444][ T1031] RDX: ffff8880255fa440 RSI: ffffffff8179c506 RDI: 0000000000000001 [ 88.733720][ T1031] RBP: ffffc90006866e68 R08: 0000000000000001 R09: 0000000000000000 [ 88.735978][ T1031] R10: 0000000000000000 R11: 0000000000000009 R12: ffff88804c7a29d0 [ 88.738230][ T1031] R13: 0000000000000000 R14: ffff888069c230a0 R15: ffff88801faf9180 [ 88.740519][ T1031] ? __warn_printk+0x199/0x350 [ 88.741921][ T1031] ? __warn_printk+0x1a6/0x350 [ 88.743315][ T1031] ieee80211_handle_wake_tx_queue+0x18a/0x260 [ 88.745029][ T1031] ? __ieee80211_schedule_txq+0x167/0xc30 [ 88.746684][ T1031] ? __pfx_ieee80211_handle_wake_tx_queue+0x10/0x10 [ 88.748615][ T1031] ? __pfx___ieee80211_schedule_txq+0x10/0x10 [ 88.750412][ T1031] ? __local_bh_enable_ip+0xa4/0x120 [ 88.751953][ T1031] ieee80211_queue_skb+0x12b5/0x2010 [ 88.753499][ T1031] ieee80211_tx+0x2e6/0x420 [ 88.754806][ T1031] ? __pfx_ieee80211_tx+0x10/0x10 [ 88.756092][ T1031] ? rcu_is_watching+0x12/0xc0 [ 88.757313][ T1031] ? ieee80211_skb_resize+0x22a/0x630 [ 88.758858][ T1031] ? ieee80211_set_qos_hdr+0x357/0x3e0 [ 88.760422][ T1031] ieee80211_xmit+0x30e/0x3e0 [ 88.761809][ T1031] __ieee80211_subif_start_xmit+0xa62/0x1410 [ 88.763533][ T1031] ? __pfx___ieee80211_subif_start_xmit+0x10/0x10 [ 88.765399][ T1031] ? __lock_acquire+0x15a9/0x3c40 [ 88.766861][ T1031] ieee80211_subif_start_xmit+0x118/0x16c0 [ 88.768548][ T1031] ? __pfx___lock_acquire+0x10/0x10 [ 88.770064][ T1031] ? skb_network_protocol+0x127/0x6d0 [ 88.771632][ T1031] ? __pfx_ieee80211_subif_start_xmit+0x10/0x10 [ 88.773444][ T1031] ? lock_acquire.part.0+0x11b/0x380 [ 88.774989][ T1031] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 88.776610][ T1031] ? rcu_is_watching+0x12/0xc0 [ 88.778014][ T1031] ? dev_hard_start_xmit+0x9a/0x7b0 [ 88.779552][ T1031] dev_hard_start_xmit+0x9a/0x7b0 [ 88.781053][ T1031] __dev_queue_xmit+0x7f0/0x43e0 [ 88.782517][ T1031] ? __lock_acquire+0x15a9/0x3c40 [ 88.784000][ T1031] ? __pfx___dev_queue_xmit+0x10/0x10 [ 88.785587][ T1031] ? __free_zapped_classes+0x2b0/0x2f0 [ 88.787158][ T1031] ? __pfx___lock_acquire+0x10/0x10 [ 88.788663][ T1031] ? __pfx_mark_lock+0x10/0x10 [ 88.790065][ T1031] ? find_held_lock+0x2d/0x110 [ 88.791476][ T1031] ? skb_push+0x9a/0xf0 [ 88.792688][ T1031] ? eth_header+0x16a/0x1f0 [ 88.794059][ T1031] neigh_resolve_output+0x53a/0x940 [ 88.795580][ T1031] ip6_finish_output2+0xb20/0x2090 [ 88.797072][ T1031] ip6_finish_output+0x3f9/0x1360 [ 88.798570][ T1031] ip6_output+0x1f8/0x540 [ 88.799826][ T1031] ? __pfx_ip6_output+0x10/0x10 [ 88.801255][ T1031] ndisc_send_skb+0xa69/0x1c50 [ 88.802651][ T1031] ? __pfx_ndisc_send_skb+0x10/0x10 [ 88.804149][ T1031] ? __pfx_dst_output+0x10/0x10 [ 88.805463][ T1031] ? skb_set_owner_w+0x320/0x710 [ 88.806908][ T1031] ? __pfx_ipv6_get_ifaddr+0x10/0x10 [ 88.808451][ T1031] ? skb_put+0x138/0x1b0 [ 88.809716][ T1031] ndisc_send_rs+0x129/0x670 [ 88.811075][ T1031] addrconf_dad_completed+0x4a1/0x1060 [ 88.812652][ T1031] ? __pfx_addrconf_dad_completed+0x10/0x10 [ 88.814382][ T1031] ? mark_held_locks+0x9f/0xe0 [ 88.815786][ T1031] ? addrconf_dad_work+0xcf6/0x14e0 [ 88.817321][ T1031] addrconf_dad_work+0xcf6/0x14e0 [ 88.818814][ T1031] ? __pfx_addrconf_dad_work+0x10/0x10 [ 88.820385][ T1031] ? process_one_work+0x8bb/0x1b30 [ 88.821881][ T1031] ? lock_acquire+0x2f/0xb0 [ 88.823176][ T1031] ? process_one_work+0x8bb/0x1b30 [ 88.824675][ T1031] process_one_work+0x958/0x1b30 [ 88.826088][ T1031] ? __pfx_update_gid_event_work_handler+0x10/0x10 [ 88.827984][ T1031] ? __pfx_process_one_work+0x10/0x10 [ 88.829565][ T1031] ? assign_work+0x1a0/0x250 [ 88.830927][ T1031] worker_thread+0x6c8/0xf00 [ 88.832274][ T1031] ? __kthread_parkme+0x148/0x220 [ 88.833746][ T1031] ? __pfx_worker_thread+0x10/0x10 [ 88.835241][ T1031] kthread+0x3af/0x750 [ 88.836456][ T1031] ? __pfx_kthread+0x10/0x10 [ 88.837747][ T1031] ? lock_acquire+0x2f/0xb0 [ 88.839094][ T1031] ? __pfx_kthread+0x10/0x10 [ 88.840394][ T1031] ret_from_fork+0x45/0x80 [ 88.841659][ T1031] ? __pfx_kthread+0x10/0x10 [ 88.843008][ T1031] ret_from_fork_asm+0x1a/0x30 [ 88.844417][ T1031] [ 88.845863][ T1031] Kernel Offset: disabled [ 88.847201][ T1031] Rebooting in 86400 seconds.. VM DIAGNOSIS: 12:55:06 Registers: info registers vcpu 0 CPU#0 RAX=0000000000187e13 RBX=0000000000000000 RCX=ffffffff8b45ee39 RDX=0000000000000000 RSI=ffffffff8b6ce540 RDI=ffffffff8bd2c0c0 RBP=fffffbfff1bd2ee8 RSP=ffffffff8de07e20 R8 =0000000000000001 R9 =ffffed1005686f7d R10=ffff88802b437beb R11=0000000000000000 R12=0000000000000000 R13=ffffffff8de97740 R14=ffffffff905fbc10 R15=0000000000000000 RIP=ffffffff8b46021f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000056e6e4c0 CR3=000000004be08000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000044 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff853801f5 RDI=ffffffff9aaceea0 RBP=ffffffff9aacee60 RSP=ffffc900068666d8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=000000000000000d R12=0000000000000000 R13=0000000000000044 R14=ffffffff9aacee60 R15=0000000000000000 RIP=ffffffff8538021f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c327743 CR3=000000006d0ba000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000c800000000 0000000300000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000000 RBX=ffffc90004297e28 RCX=0000000000000001 RDX=ffff888024f168d0 RSI=ffff888025db35c0 RDI=ffffffff8e3d89e0 RBP=ffffc90004297cd0 RSP=ffffc90004297b78 R8 =0000000000000005 R9 =0000000000200000 R10=0000000000200000 R11=0000000000000003 R12=0000000000200000 R13=ffff888024f168d0 R14=ffff888012a67c50 R15=ffff888012a67be8 RIP=ffffffff82305270 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c314587 CR3=000000004be08000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 EAX=8200ba9b EBX=ffffffff ECX=ffffffff EDX=8200ad1a ESI=00000000 EDI=ffffffff EBP=f6933300 ESP=ffef6cc0 EIP=f70a7a39 EFL=00000246 [---Z-P-] CPL=3 II=0 A20=1 SMM=0 HLT=0 ES =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0023 00000000 ffffffff 00c0fb00 DPL=3 CS32 [-RA] SS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] DS =002b 00000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 00000000 ffffffff 00c00000 GS =0063 578c1440 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 00000000 ffffffff 00c00000 TR =0040 000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002f41affc CR3=000000006d658000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000