last executing test programs: 553.803239ms ago: executing program 1 (id=880): r0 = syz_io_uring_setup(0x285d, &(0x7f0000000480)={0x0, 0xb418, 0x0, 0x2, 0x5}, &(0x7f00000000c0), &(0x7f0000000080)) mremap(&(0x7f0000000000/0x9000)=nil, 0x600600, 0x200000, 0x3, &(0x7f0000a00000/0x600000)=nil) io_uring_register$IORING_UNREGISTER_NAPI(r0, 0x1c, &(0x7f0000000380), 0x1) 498.921472ms ago: executing program 1 (id=883): r0 = socket$can_raw(0x1d, 0x3, 0x1) setsockopt$CAN_RAW_ERR_FILTER(r0, 0x65, 0x7, &(0x7f00000001c0)=0x44, 0x4) setsockopt$CAN_RAW_FD_FRAMES(r0, 0x65, 0x5, &(0x7f00000003c0)=0x4000, 0x4) 442.606052ms ago: executing program 0 (id=885): r0 = socket$netlink(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r0, 0x10e, 0xc, &(0x7f0000000640)=0x4, 0x4) sendmsg$netlink(r0, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000100)={0x1c, 0x5e, 0x1, 0x0, 0x0, "", [@typed={0x8, 0x3ffd, 0x0, 0x0, @uid}, @typed={0x4, 0x0, 0x0, 0x0, @binary}]}, 0x1c}], 0x1, 0x0, 0x0, 0x488c5}, 0x0) 442.416077ms ago: executing program 1 (id=886): socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000040)=ANY=[@ANYBLOB="600000001800dd8d000000000000000002000000ff0000060000000008000700ac1414bb08001e006907000008000700ac1e010108000b00ffffffff0800", @ANYRES8=r0], 0x60}}, 0x44000) 442.244208ms ago: executing program 0 (id=887): mmap(&(0x7f0000000000/0xa000)=nil, 0xa000, 0x0, 0x32, 0xffffffffffffffff, 0x0) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) setsockopt$inet6_tcp_TCP_CONGESTION(r0, 0x6, 0xd, &(0x7f00000000c0)='nv\x00', 0x3) 426.728998ms ago: executing program 1 (id=888): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$devlink(&(0x7f0000000100), r0) sendmsg$DEVLINK_CMD_TRAP_GROUP_SET(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000000000)={0x4c, r1, 0x1, 0x1000, 0x0, {}, [{@nsim={{0xe}, {0xf, 0x2, {'netdevsim', 0x0}}}, {0xd}, {0x5, 0x87}}]}, 0x4c}}, 0x0) 425.428467ms ago: executing program 3 (id=890): mkdir(&(0x7f00000003c0)='./file0\x00', 0x83) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) name_to_handle_at(0xffffffffffffff9c, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0)=ANY=[@ANYBLOB="14"], &(0x7f0000000180), 0x0) 350.2581ms ago: executing program 0 (id=891): r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, 0x0) setpgid(0x0, r0) 349.916743ms ago: executing program 1 (id=892): sched_setaffinity(0x0, 0x0, 0x0) r0 = syz_open_dev$tty1(0xc, 0x4, 0x3) ioctl$KDGKBDIACR(r0, 0x4b4b, 0x0) 349.496241ms ago: executing program 3 (id=894): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000340)=@base={0x9, 0x4, 0x401, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xd, &(0x7f0000000200)=@framed={{0x18, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x4}, [@call={0x85, 0x0, 0x0, 0x7}, @ringbuf_output={{0x18, 0x1, 0x1, 0x0, r0}, {}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x7d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='tlb_flush\x00', r1}, 0x10) 348.899673ms ago: executing program 1 (id=896): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff, 0xffffffffffffffff}) sendmmsg$unix(r1, &(0x7f00000bd000), 0x318, 0x0) ioctl$sock_TIOCINQ(r0, 0x541b, &(0x7f0000000000)) 348.75843ms ago: executing program 3 (id=897): unshare(0x60040200) r0 = socket(0x2, 0x3, 0xff) sendmmsg(r0, &(0x7f0000000a00)=[{{&(0x7f00000002c0)=@l2tp={0x2, 0x0, @empty, 0x3}, 0x80, &(0x7f0000000200)=[{&(0x7f0000000400)="f9214360367a9225faca41f336c83fe3bf049ce37c58b464754594c1e96120d8b5a51321", 0x24}], 0x1}}], 0x1, 0x20044840) 299.149178ms ago: executing program 0 (id=898): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000001040)={0xc, {"a2e3ad214fc752f91b3e090987f70e06d038e7ff7fc6e5539b3264078b089b0e083871090890e0878f0e1ac6e7049b334c959b679a240d5b67f3988f7ef319520100ffe8d178708c523c921b1b5b31360d3b5d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78669a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb016d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000002335875271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498bee800490841bdb114f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1fe90a56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617601000000be70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d595a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6ebe8cac64f17679141d54b34bbc9980000000b3309603f1d4ab966203861b5b15a841f2b575a8bd0d780231c9c99a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ede26c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6c82fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c2021d653a5520000008213b704a5000000000000008ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710a80000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b83c7068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4e38a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c118045651cf41c2fc48b778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2bed9e53803edf1a4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034e00000000ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c478b095b68441a34cb51682a8ae4d24ad92f243941ed274549b79a7962fb385a882e8020f068bb87af8b90fd8f08876da865d258734dd73583df292892448039ef799cf0630becdbe6c4579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93ae62fccfcbb2b75a2183c46eb65ca8124e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43e4fb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e01feffffffffffff83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369d75f2e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aa01b20f7694a00f16e2d0174035a2c22656dc00880acebdbe8ddbd75c2f998d8ac2dfad2ba3a50200000045a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7bcddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe2907ac0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf463661c953fcad6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c52c9711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7cd419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaeecf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3dd014e5c5ad8fe995754bd9cf32fce1e31919c4b2082fb0a30b9deae84bed4b281769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a37684f4113c48859465c3b415c3432f81db8719539d5bf372aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c105000000302a808d7f5251440613d17ca51055f2f416a44fe180d2d50c312cca7cb14a20dc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb40100000006376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7ceec7dc808bf653639d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a602000000000000007007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f732ae00398e8bd1f4908b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf6529006c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6522fb5f6ffcdd56fed88935fcb75912d5ecd36dea3bca0b7427d8392c6289455e8f8d2ab2242729251ae233a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a5bd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08008897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d702e30bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b80c1c128ad2706f48261f7897484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c98ad90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe360500000000000000b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ebecd8d884836174faf1aa609e5f1ee1062dfa13bdc1fa7cfaadba85c72e9758f03a755d0be53f8d2a1df0d07b3d5bd3b01faffd0addbed2881a9700af561ac8c7e36bb2fc4c40e9c766c06817bb903729a7db6ff957697c9ede7885d94ffb0759be0daf60af93109eb1dee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c1484d2f9c55f4901203a9a8a2c3e51074b41bc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d000000000000000000000000000040000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000600", 0x7c4}}, 0x1006) 298.909509ms ago: executing program 2 (id=899): r0 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$netlink_NETLINK_NO_ENOBUFS(r0, 0x10e, 0xc, &(0x7f0000000040)=0x7f, 0x4) sendmsg$nl_route(r0, &(0x7f0000000100)={0x0, 0x0, &(0x7f00000000c0)={&(0x7f0000000000)=ANY=[@ANYBLOB="240000001a0001000000ff7f0000000080000000", @ANYRES32=0x0, @ANYBLOB='\x00\x00\x00\x00\b\x00', @ANYRES32=r0], 0x24}}, 0x0) 249.591401ms ago: executing program 2 (id=900): r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000040)={0x1f, 0xffff, 0x3}, 0x6) setsockopt$bt_BT_RCVMTU(r0, 0x112, 0xd, &(0x7f0000000040), 0x2) 249.445789ms ago: executing program 3 (id=901): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x2, 0x0) connect$bt_l2cap(r0, &(0x7f0000000080)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}, 0x801}, 0xe) getpeername$packet(r0, 0x0, 0x0) 249.316138ms ago: executing program 2 (id=902): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f0000000500)={0x11, 0x10, &(0x7f0000000400)=@ringbuf={{0x18, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4}, {{0x18, 0x1, 0x1, 0x0, r0}}, {}, [@call={0x85, 0x0, 0x0, 0x50}], {{}, {}, {0x85, 0x0, 0x0, 0x85}}}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, @fallback=0x1d, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={&(0x7f0000000180)='tlb_flush\x00', r1}, 0x10) 199.293383ms ago: executing program 3 (id=903): r0 = socket$inet6(0xa, 0x3, 0x5) setsockopt$inet6_IPV6_RTHDRDSTOPTS(r0, 0x29, 0x37, &(0x7f00000002c0)={0x29}, 0x8) sendmmsg(r0, &(0x7f0000000200)=[{{&(0x7f0000000180)=@l2tp6={0xa, 0x500, 0x80000, @remote}, 0x80, 0x0}, 0x5b4}], 0x43, 0x0) 199.031306ms ago: executing program 0 (id=904): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f00000005c0), 0xffffffffffffffff) sendmsg$TIPC_NL_LINK_SET(r0, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000340)={&(0x7f0000000400)={0x2c, r1, 0x601, 0x0, 0x0, {}, [@TIPC_NLA_LINK={0x18, 0x4, 0x0, 0x1, [@TIPC_NLA_LINK_NAME={0x13, 0x1, 'broadcast-link\x00'}]}]}, 0x2c}}, 0x0) 198.886433ms ago: executing program 2 (id=905): r0 = socket$inet(0x2, 0x3, 0x2) add_key$fscrypt_v1(0x0, 0x0, &(0x7f00000000c0)={0x0, "f1a1173fb9462d3589e67197f90be6e423ceb0ab4912f9f6a31854ec98e950cfed21fcad7ff0fbcb566a0982f8938caa52dd8d39af14c31ed56ad59300"}, 0x48, 0xffffffffffffffff) setsockopt$inet_msfilter(r0, 0x0, 0x29, &(0x7f00000000c0)=ANY=[], 0x1c) 198.733463ms ago: executing program 3 (id=906): syz_usb_connect(0x1, 0x3d, &(0x7f00000001c0)=ANY=[@ANYBLOB="12010000bdce4208110f80106afc0000000109022b00010000000009043700022ee5cd0009058010ff037f790209050e0320000980070705ab0b78"], 0x0) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r0, 0x0, 0x0) 138.404927ms ago: executing program 0 (id=907): r0 = bpf$MAP_CREATE_CONST_STR(0x0, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r1 = bpf$MAP_CREATE_RINGBUF(0x0, &(0x7f00000007c0)={0x1b, 0x0, 0x0, 0x40000, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x7, 0x1c, &(0x7f0000000d80)=ANY=[@ANYBLOB="1808000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b702000014000000b7030000000000008500000083000000bc8900000000000035090100000000009500000000000000b7080000000000007b9a00fe00000000b509000000000000c3aaf0fff1000000bf8600000000000007080000f8ffffffbfa400000000000007040000f0ffffffb70200000800000018220000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7050000080000004608ebff76000000bf9800000000000056080000000000008500000000000000b70000000000000095"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 138.274942ms ago: executing program 2 (id=908): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) r1 = openat$sysctl(0xffffffffffffff9c, &(0x7f0000000040)='/proc/sys/vm/drop_caches\x00', 0x1, 0x0) sendfile(r1, r0, &(0x7f0000002080)=0x64, 0x23b) 0s ago: executing program 2 (id=909): openat$fuse(0xffffff9c, &(0x7f0000000340), 0x2, 0x0) r0 = syz_open_procfs(0x0, &(0x7f0000000000)='fd/3\x00') mount$9p_fd(0x0, &(0x7f0000000100)='.\x00', &(0x7f0000000040), 0x0, &(0x7f0000000140)={'trans=fd,', {'rfdno', 0x3d, r0}, 0x2c, {'wfdno', 0x3d, r0}}) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:40453' (ED25519) to the list of known hosts. [ 48.213467][ T5919] cgroup: Unknown subsys name 'net' [ 48.407744][ T5919] cgroup: Unknown subsys name 'cpuset' [ 48.413556][ T5919] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 49.578238][ T5919] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 53.776737][ T5292] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 53.782016][ T5945] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 53.785001][ T5945] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 53.787849][ T5945] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 53.790640][ T5945] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 53.800772][ T5942] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 53.804322][ T5942] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 53.807433][ T5942] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 53.810689][ T5942] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 53.813879][ T5942] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 53.818979][ T5942] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 53.824308][ T67] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 53.828198][ T67] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 53.828299][ T5945] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 53.832074][ T67] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 53.834456][ T5945] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 53.837114][ T67] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 53.839351][ T5945] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 53.848223][ T5292] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 53.852150][ T5292] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 54.012628][ T5938] chnl_net:caif_netlink_parms(): no params data found [ 54.181516][ T5939] chnl_net:caif_netlink_parms(): no params data found [ 54.186256][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.189181][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.191734][ T5938] bridge_slave_0: entered allmulticast mode [ 54.195172][ T5938] bridge_slave_0: entered promiscuous mode [ 54.233825][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.236216][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.238622][ T5938] bridge_slave_1: entered allmulticast mode [ 54.241311][ T5938] bridge_slave_1: entered promiscuous mode [ 54.311909][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.319039][ T5947] chnl_net:caif_netlink_parms(): no params data found [ 54.330316][ T5949] chnl_net:caif_netlink_parms(): no params data found [ 54.337295][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.462498][ T5938] team0: Port device team_slave_0 added [ 54.466398][ T5938] team0: Port device team_slave_1 added [ 54.503031][ T5939] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.506191][ T5939] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.509287][ T5939] bridge_slave_0: entered allmulticast mode [ 54.513553][ T5939] bridge_slave_0: entered promiscuous mode [ 54.594682][ T5939] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.596846][ T5939] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.598966][ T5939] bridge_slave_1: entered allmulticast mode [ 54.601541][ T5939] bridge_slave_1: entered promiscuous mode [ 54.687350][ T5947] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.689721][ T5947] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.691876][ T5947] bridge_slave_0: entered allmulticast mode [ 54.694476][ T5947] bridge_slave_0: entered promiscuous mode [ 54.697432][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 54.700060][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.709484][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 54.730138][ T5949] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.732373][ T5949] bridge0: port 1(bridge_slave_0) entered disabled state [ 54.736565][ T5949] bridge_slave_0: entered allmulticast mode [ 54.739129][ T5949] bridge_slave_0: entered promiscuous mode [ 54.755662][ T5947] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.758885][ T5947] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.762041][ T5947] bridge_slave_1: entered allmulticast mode [ 54.766066][ T5947] bridge_slave_1: entered promiscuous mode [ 54.770615][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 54.773880][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 54.784917][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 54.789491][ T5949] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.792120][ T5949] bridge0: port 2(bridge_slave_1) entered disabled state [ 54.794551][ T5949] bridge_slave_1: entered allmulticast mode [ 54.797268][ T5949] bridge_slave_1: entered promiscuous mode [ 54.821023][ T5939] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.887110][ T5949] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.892643][ T5939] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.924595][ T5947] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 54.929717][ T5949] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 54.995103][ T5939] team0: Port device team_slave_0 added [ 55.000037][ T5947] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 55.090529][ T5939] team0: Port device team_slave_1 added [ 55.149393][ T5949] team0: Port device team_slave_0 added [ 55.193216][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.196271][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.207675][ T5939] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.216237][ T5947] team0: Port device team_slave_0 added [ 55.220710][ T5949] team0: Port device team_slave_1 added [ 55.228119][ T5938] hsr_slave_0: entered promiscuous mode [ 55.231442][ T5938] hsr_slave_1: entered promiscuous mode [ 55.235907][ T5939] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.238813][ T5939] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.249773][ T5939] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.256599][ T5947] team0: Port device team_slave_1 added [ 55.363745][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.366773][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.377756][ T5947] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.408805][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 55.411822][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.423417][ T5949] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 55.430819][ T5947] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.433977][ T5947] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.445280][ T5947] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.481791][ T5949] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 55.485310][ T5949] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 55.496403][ T5949] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 55.510769][ T5939] hsr_slave_0: entered promiscuous mode [ 55.514199][ T5939] hsr_slave_1: entered promiscuous mode [ 55.517213][ T5939] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.520633][ T5939] Cannot create hsr debugfs directory [ 55.633558][ T5947] hsr_slave_0: entered promiscuous mode [ 55.635892][ T5947] hsr_slave_1: entered promiscuous mode [ 55.638064][ T5947] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.640558][ T5947] Cannot create hsr debugfs directory [ 55.705559][ T5949] hsr_slave_0: entered promiscuous mode [ 55.708105][ T5949] hsr_slave_1: entered promiscuous mode [ 55.710892][ T5949] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 55.713577][ T5949] Cannot create hsr debugfs directory [ 55.853825][ T5292] Bluetooth: hci0: command tx timeout [ 55.853967][ T5942] Bluetooth: hci2: command tx timeout [ 55.855725][ T5945] Bluetooth: hci1: command tx timeout [ 55.933400][ T5292] Bluetooth: hci3: command tx timeout [ 56.022355][ T5938] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 56.033050][ T5938] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 56.038977][ T5938] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 56.054933][ T5938] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 56.087504][ T5947] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 56.094860][ T5947] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 56.101632][ T5947] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 56.108984][ T5947] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 56.171469][ T5939] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 56.177120][ T5939] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 56.181929][ T5939] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 56.186681][ T5939] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 56.238398][ T5949] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 56.243139][ T5949] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 56.256088][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.259072][ T5949] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 56.263495][ T5949] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 56.289839][ T5938] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.304009][ T65] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.307238][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.328427][ T1175] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.331798][ T1175] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.358745][ T5947] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.390019][ T5939] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.416172][ T5947] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.429910][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.432983][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.446748][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.449915][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.454822][ T5939] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.469973][ T46] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.473104][ T46] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.496691][ T5949] 8021q: adding VLAN 0 to HW filter on device bond0 [ 56.504936][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.508015][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.550165][ T5949] 8021q: adding VLAN 0 to HW filter on device team0 [ 56.563612][ T65] bridge0: port 1(bridge_slave_0) entered blocking state [ 56.566137][ T65] bridge0: port 1(bridge_slave_0) entered forwarding state [ 56.575280][ T65] bridge0: port 2(bridge_slave_1) entered blocking state [ 56.577674][ T65] bridge0: port 2(bridge_slave_1) entered forwarding state [ 56.629633][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.680141][ T5938] veth0_vlan: entered promiscuous mode [ 56.694290][ T5938] veth1_vlan: entered promiscuous mode [ 56.702861][ T5939] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.721074][ T5947] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.732693][ T5938] veth0_macvtap: entered promiscuous mode [ 56.743143][ T5938] veth1_macvtap: entered promiscuous mode [ 56.786886][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.790311][ T5939] veth0_vlan: entered promiscuous mode [ 56.793136][ T5947] veth0_vlan: entered promiscuous mode [ 56.802638][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 56.808965][ T5947] veth1_vlan: entered promiscuous mode [ 56.816583][ T5939] veth1_vlan: entered promiscuous mode [ 56.819508][ T5938] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.822579][ T5938] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.826268][ T5938] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.829154][ T5938] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 56.835415][ T5949] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 56.875379][ T5939] veth0_macvtap: entered promiscuous mode [ 56.881320][ T5947] veth0_macvtap: entered promiscuous mode [ 56.890602][ T5939] veth1_macvtap: entered promiscuous mode [ 56.898977][ T5947] veth1_macvtap: entered promiscuous mode [ 56.944879][ T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 56.949132][ T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 56.951159][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 56.957492][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.964854][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.972053][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 56.976250][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.979488][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 56.982955][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 56.987437][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 56.996123][ T5947] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 57.000595][ T5947] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.006157][ T5947] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.020703][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 57.024846][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.028124][ T5939] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 57.031572][ T5939] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.036411][ T5939] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.040842][ T5939] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.043839][ T5939] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.046613][ T5939] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.049462][ T5939] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.056775][ T83] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.057412][ T5949] veth0_vlan: entered promiscuous mode [ 57.060089][ T83] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.062419][ T5947] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.067936][ T5947] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.070768][ T5947] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.074650][ T5947] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.107527][ T5949] veth1_vlan: entered promiscuous mode [ 57.119913][ T5938] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 57.138066][ T1175] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.141249][ T1175] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.157843][ T1175] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.160918][ T1175] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.171389][ T5949] veth0_macvtap: entered promiscuous mode [ 57.183259][ T5949] veth1_macvtap: entered promiscuous mode [ 57.185824][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.188445][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.202637][ T5995] netlink: 24 bytes leftover after parsing attributes in process `syz.3.4'. [ 57.206368][ T1175] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.208869][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 57.209148][ T1175] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.212778][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.218484][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 57.221821][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.225238][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 57.229264][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.234467][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 57.248529][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 57.252354][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.256751][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 57.260995][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.264920][ T5949] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 57.268794][ T5949] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 57.278687][ T5949] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 57.288911][ T5949] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.292765][ T5949] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.297263][ T5949] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.301029][ T5949] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 57.391772][ T83] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.396580][ T83] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.424738][ T40] audit: type=1326 audit(1746727465.385:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6010 comm="syz.2.10" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f21579 code=0x0 [ 57.439591][ T1175] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 57.442115][ T1175] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 57.446360][ T6013] netlink: 8 bytes leftover after parsing attributes in process `syz.3.11'. [ 57.761189][ T6054] mkiss: ax0: crc mode is auto. [ 57.858891][ T6066] netlink: 64 bytes leftover after parsing attributes in process `syz.1.29'. [ 57.934262][ T5292] Bluetooth: hci2: command tx timeout [ 57.943698][ T5292] Bluetooth: hci0: command tx timeout [ 57.945752][ T5292] Bluetooth: hci1: command tx timeout [ 58.013644][ T5945] Bluetooth: hci3: command tx timeout [ 58.358853][ T6120] netlink: 12 bytes leftover after parsing attributes in process `syz.3.57'. [ 58.495351][ T6136] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 58.669979][ T6156] netlink: 'syz.2.73': attribute type 2 has an invalid length. [ 58.762174][ T6162] netlink: 12 bytes leftover after parsing attributes in process `syz.2.76'. [ 58.764787][ T6164] capability: warning: `syz.3.77' uses deprecated v2 capabilities in a way that may be insecure [ 58.805665][ T6168] sp0: Synchronizing with TNC [ 58.810245][ T6167] [U] è [ 58.930341][ T6175] netlink: 20 bytes leftover after parsing attributes in process `syz.2.83'. [ 58.930516][ T6175] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0' [ 59.772476][ T6251] bridge1: entered promiscuous mode [ 59.775017][ T6251] bridge1: entered allmulticast mode [ 59.781630][ T6251] team0: Port device bridge1 added [ 59.793941][ T5927] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 59.854279][ T40] audit: type=1326 audit(1746727467.805:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6260 comm="syz.0.121" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x0 [ 60.013736][ T5945] Bluetooth: hci1: command tx timeout [ 60.013798][ T5292] Bluetooth: hci0: command tx timeout [ 60.015574][ T5945] Bluetooth: hci2: command tx timeout [ 60.094129][ T5945] Bluetooth: hci3: command tx timeout [ 60.803364][ T6275] process 'syz.2.126' launched './file1' with NULL argv: empty string added [ 60.810371][ T6275] ======================================================= [ 60.810371][ T6275] WARNING: The mand mount option has been deprecated and [ 60.810371][ T6275] and is ignored by this kernel. Remove the mand [ 60.810371][ T6275] option from the mount to silence this warning. [ 60.810371][ T6275] ======================================================= [ 60.948074][ T6292] usb 1-1: USB disconnect, device number 2 [ 60.954952][ T6288] sp0: Synchronizing with TNC [ 61.097814][ T6297] netlink: 8 bytes leftover after parsing attributes in process `syz.0.136'. [ 61.218646][ T6318] netlink: 20 bytes leftover after parsing attributes in process `syz.0.145'. [ 61.297756][ T6328] warning: `syz.0.150' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 61.377390][ T6338] IPVS: set_ctl: invalid protocol: 58 172.20.20.170:0 [ 61.862367][ T6395] binder: 6394:6395 ioctl 541b 0 returned -22 [ 62.094308][ T5945] Bluetooth: hci2: command tx timeout [ 62.094940][ T5292] Bluetooth: hci1: command tx timeout [ 62.104314][ T5292] Bluetooth: hci0: command tx timeout [ 62.161639][ T40] audit: type=1326 audit(1746727470.115:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6410 comm="syz.1.190" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf711e579 code=0x0 [ 62.173712][ T5292] Bluetooth: hci3: command tx timeout [ 62.211623][ T40] audit: type=1326 audit(1746727470.165:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6410 comm="syz.1.190" exe="/syz-executor" sig=31 arch=40000003 syscall=436 compat=1 ip=0xf711e579 code=0x0 [ 63.053687][ T1021] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 63.128631][ T6454] capability: warning: `syz.2.210' uses 32-bit capabilities (legacy support in use) [ 63.204467][ T1021] usb 8-1: too many configurations: 9, using maximum allowed: 8 [ 63.210559][ T1021] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 63.220927][ T1021] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 63.226199][ T1021] usb 8-1: config 0 interface 0 has no altsetting 0 [ 63.227012][ T6468] netlink: 24 bytes leftover after parsing attributes in process `syz.1.217'. [ 63.232170][ T1021] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 63.250457][ T1021] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 63.259728][ T1021] usb 8-1: config 0 interface 0 has no altsetting 0 [ 63.264825][ T1021] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 63.268718][ T1021] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 63.272478][ T6473] netlink: 12 bytes leftover after parsing attributes in process `syz.1.219'. [ 63.278780][ T1021] usb 8-1: config 0 interface 0 has no altsetting 0 [ 63.284355][ T1021] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 63.287833][ T1021] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 63.292513][ T1021] usb 8-1: config 0 interface 0 has no altsetting 0 [ 63.299446][ T1021] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 63.304444][ T1021] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 63.309405][ T1021] usb 8-1: config 0 interface 0 has no altsetting 0 [ 63.315969][ T1021] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 63.319864][ T1021] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 63.333561][ T1021] usb 8-1: config 0 interface 0 has no altsetting 0 [ 63.337391][ T1021] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 63.341288][ T1021] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 63.347263][ T1021] usb 8-1: config 0 interface 0 has no altsetting 0 [ 63.357441][ T1021] usb 8-1: config 0 has 1 interface, different from the descriptor's value: 9 [ 63.361299][ T1021] usb 8-1: config 0 interface 0 altsetting 2 endpoint 0x8D has an invalid bInterval 0, changing to 7 [ 63.366745][ T1021] usb 8-1: config 0 interface 0 has no altsetting 0 [ 63.375538][ T1021] usb 8-1: New USB device found, idVendor=0c45, idProduct=1010, bcdDevice=49.8e [ 63.379517][ T1021] usb 8-1: New USB device strings: Mfr=41, Product=64, SerialNumber=168 [ 63.382990][ T1021] usb 8-1: Product: syz [ 63.385238][ T1021] usb 8-1: Manufacturer: syz [ 63.387659][ T1021] usb 8-1: SerialNumber: syz [ 63.392573][ T1021] usb 8-1: config 0 descriptor?? [ 63.414226][ T1021] yurex 8-1:0.0: USB YUREX device now attached to Yurex #0 [ 63.531924][ T6502] usb 8-1: USB disconnect, device number 2 [ 63.538931][ T6502] yurex 8-1:0.0: USB YUREX #0 now disconnected [ 63.956802][ T6540] team0: Device gtp0 is of different type [ 64.131638][ T6559] netlink: 12 bytes leftover after parsing attributes in process `syz.0.259'. [ 64.136176][ T6559] netlink: 'syz.0.259': attribute type 2 has an invalid length. [ 64.138876][ T6559] netlink: 16 bytes leftover after parsing attributes in process `syz.0.259'. [ 64.159731][ T6563] sp0: Synchronizing with TNC [ 64.210407][ T6565] program syz.0.263 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 64.210605][ T6570] netlink: 8 bytes leftover after parsing attributes in process `syz.3.262'. [ 64.214995][ T6565] ata1.00: invalid service action 20 [ 64.937010][ T6665] ata1.00: invalid command format 189 [ 65.492192][ T6732] netlink: 8 bytes leftover after parsing attributes in process `syz.1.338'. [ 65.496745][ T6732] netlink: 12 bytes leftover after parsing attributes in process `syz.1.338'. [ 65.500767][ T6732] netlink: 'syz.1.338': attribute type 20 has an invalid length. [ 65.546557][ T6740] netlink: 24 bytes leftover after parsing attributes in process `syz.0.341'. [ 65.574609][ T6742] netlink: 'syz.1.342': attribute type 1 has an invalid length. [ 65.578408][ T6742] netlink: 220 bytes leftover after parsing attributes in process `syz.1.342'. [ 65.582984][ T6742] netlink: 'syz.1.342': attribute type 1 has an invalid length. [ 65.602714][ T6746] netlink: 512 bytes leftover after parsing attributes in process `syz.2.344'. [ 65.652070][ T6752] sp0: Synchronizing with TNC [ 66.063376][ T6800] 9pnet_rdma: rdma_create_trans (6800): problem binding to privport: 13 [ 66.669020][ T40] audit: type=1326 audit(1746727474.625:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6869 comm="syz.1.403" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf711e579 code=0x0 [ 66.789039][ T6883] Bluetooth: MGMT ver 1.23 [ 67.332952][ T6947] netlink: 'syz.0.438': attribute type 7 has an invalid length. [ 67.576017][ T6966] netlink: 'syz.2.447': attribute type 5 has an invalid length. [ 68.215227][ T7029] mmap: syz.1.471 (7029) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 68.537156][ T7048] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 68.710864][ T7064] netlink: 'syz.1.494': attribute type 1 has an invalid length. [ 68.714469][ T7064] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 69.071164][ T7077] __nla_validate_parse: 15 callbacks suppressed [ 69.071175][ T7077] netlink: 12 bytes leftover after parsing attributes in process `syz.1.500'. [ 69.107024][ T40] audit: type=1326 audit(1746727477.065:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7033 comm="syz.0.480" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7fc00000 [ 69.631953][ T7129] netlink: 4 bytes leftover after parsing attributes in process `syz.2.525'. [ 69.705736][ T40] audit: type=1326 audit(1746727477.665:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7136 comm="syz.2.529" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf7f21579 code=0x0 [ 69.783189][ T7144] netlink: 24 bytes leftover after parsing attributes in process `syz.1.532'. [ 69.879585][ T5940] udevd[5940]: inotify_add_watch(7, /dev/nbd64, 10) failed: No such file or directory [ 70.545868][ T59] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 70.694684][ T59] usb 5-1: config 1 interface 0 altsetting 253 has 2 endpoint descriptors, different from the interface descriptor's value: 14 [ 70.698956][ T59] usb 5-1: config 1 interface 0 has no altsetting 0 [ 70.701879][ T59] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 70.705288][ T59] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=1 [ 70.707969][ T59] usb 5-1: SerialNumber: syz [ 71.058332][ T1418] ieee802154 phy0 wpan0: encryption failed: -22 [ 71.060674][ T1418] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.242074][ T7187] openvswitch: netlink: IP tunnel attribute has 8 unknown bytes. [ 71.323606][ T59] cdc_ether 5-1:1.0: probe with driver cdc_ether failed with error -71 [ 71.330071][ T59] usb 5-1: USB disconnect, device number 2 [ 71.436818][ T7204] netlink: 8 bytes leftover after parsing attributes in process `syz.1.559'. [ 71.439771][ T7204] netlink: 4 bytes leftover after parsing attributes in process `syz.1.559'. [ 71.445468][ T7204] netlink: 'syz.1.559': attribute type 18 has an invalid length. [ 71.572660][ T7217] netlink: 'syz.1.565': attribute type 39 has an invalid length. [ 71.573226][ T7216] netlink: 24 bytes leftover after parsing attributes in process `syz.2.564'. [ 71.724596][ T7236] netlink: 4 bytes leftover after parsing attributes in process `syz.3.575'. [ 71.833626][ T7256] netlink: 4083 bytes leftover after parsing attributes in process `syz.3.580'. [ 71.837127][ T7248] netlink: 4083 bytes leftover after parsing attributes in process `syz.3.580'. [ 72.037707][ T7286] mkiss: ax0: crc mode is auto. [ 72.322789][ T7314] netlink: 4 bytes leftover after parsing attributes in process `syz.1.609'. [ 72.331420][ T7317] binder: 7316:7317 ioctl c018620c 80000380 returned -22 [ 72.472153][ T7340] overlay: ./file0 is not a directory [ 72.712636][ T7364] netlink: 'syz.3.630': attribute type 1 has an invalid length. [ 72.813125][ T7376] devpts: Bad value for 'max' [ 72.920335][ T7386] blktrace: Concurrent blktraces are not allowed on sg0 [ 72.997278][ T7395] nd_bus ndbus0: __nd_ioctl:bus unknown input size cmd: cmd_call field: 1 [ 73.086561][ T7405] netlink: 'syz.0.650': attribute type 20 has an invalid length. [ 73.211303][ T40] audit: type=1804 audit(1746727481.165:9): pid=7421 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=invalid_pcr cause=open_writers comm="syz.2.658" name="/" dev="pidfs" ino=7423 res=1 errno=0 [ 73.515872][ T40] audit: type=1326 audit(1746727481.476:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7456 comm="syz.1.675" exe="/syz-executor" sig=9 arch=40000003 syscall=252 compat=1 ip=0xf711e579 code=0x0 [ 73.686057][ T40] audit: type=1326 audit(1746727481.646:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7381 comm="syz.3.640" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7fc00000 [ 73.735329][ T7465] tipc: Started in network mode [ 73.737751][ T7465] tipc: Node identity aaaaaaaaaa41, cluster identity 4711 [ 73.741121][ T7465] tipc: Enabled bearer , priority 10 [ 73.827278][ T7470] No buffer was provided with the request [ 74.048582][ T7487] openvswitch: netlink: nsh attribute has 5276 unknown bytes. [ 74.051886][ T7487] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 74.095772][ T7491] netdevsim netdevsim3 netdevsim0: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.098832][ T7491] netdevsim netdevsim3 netdevsim1: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.102081][ T7491] netdevsim netdevsim3 netdevsim2: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.105237][ T7491] netdevsim netdevsim3 netdevsim3: set [0, 0] type 1 family 0 port 8472 - 0 [ 74.109949][ T7491] Zero length message leads to an empty skb [ 74.493944][ T24] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 74.511902][ T7512] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 74.516208][ T7512] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 74.521115][ T7512] (unnamed net_device) (uninitialized): invalid ARP target 0.0.0.0 specified for addition [ 74.528129][ T7512] (unnamed net_device) (uninitialized): option arp_ip_target: invalid value (0) [ 74.536891][ T7514] __nla_validate_parse: 6 callbacks suppressed [ 74.536901][ T7514] netlink: 4 bytes leftover after parsing attributes in process `syz.2.702'. [ 74.550447][ T7514] openvswitch: netlink: push_nsh: missing base or metadata attributes [ 74.553519][ T7514] openvswitch: netlink: Flow actions may not be safe on all matching packets. [ 74.734046][ T24] tipc: Node number set to 15444650 [ 75.715518][ T7552] nbd: must specify at least one socket [ 75.878944][ T7572] netlink: 56 bytes leftover after parsing attributes in process `syz.0.728'. [ 75.882553][ T7572] netlink: 'syz.0.728': attribute type 5 has an invalid length. [ 75.979947][ T7583] sp0: Synchronizing with TNC [ 75.995943][ T7589] mkiss: ax0: crc mode is auto. [ 76.040932][ T7593] overlay: filesystem on ./file0 is read-only [ 76.220685][ T40] audit: type=1326 audit(1746727484.166:12): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.3.742" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 76.234864][ T40] audit: type=1326 audit(1746727484.166:13): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.3.742" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 76.258597][ T40] audit: type=1326 audit(1746727484.166:14): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.3.742" exe="/syz-executor" sig=0 arch=40000003 syscall=445 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 76.269359][ T40] audit: type=1326 audit(1746727484.166:15): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.3.742" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 76.278706][ T40] audit: type=1326 audit(1746727484.166:16): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7598 comm="syz.3.742" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ce579 code=0x7ffc0000 [ 77.291665][ T7639] Bluetooth: MGMT ver 1.23 [ 77.631986][ T7678] dlm: plock device version mismatch: kernel (1.2.0), user (1.53411925.0) [ 77.902189][ T40] audit: type=1326 audit(1746727485.856:17): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.0.799" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 77.909450][ T40] audit: type=1326 audit(1746727485.856:18): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7718 comm="syz.0.799" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf70ae579 code=0x7ffc0000 [ 78.157499][ T7750] netlink: 12 bytes leftover after parsing attributes in process `syz.1.811'. [ 78.160398][ T7750] netlink: 'syz.1.811': attribute type 1 has an invalid length. [ 78.162985][ T7750] netlink: 28 bytes leftover after parsing attributes in process `syz.1.811'. [ 78.163637][ T7752] binder: 7751:7752 ioctl c0306201 0 returned -14 [ 78.292325][ T7764] netlink: 8 bytes leftover after parsing attributes in process `syz.2.818'. [ 78.295634][ T7764] netlink: 12 bytes leftover after parsing attributes in process `syz.2.818'. [ 78.298652][ T7764] netlink: 'syz.2.818': attribute type 5 has an invalid length. [ 78.320888][ T7766] netlink: 88 bytes leftover after parsing attributes in process `syz.1.819'. [ 78.370302][ T7772] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 78.372665][ T7772] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 78.376464][ T7772] vhci_hcd vhci_hcd.0: Device attached [ 78.541437][ T7787] Bluetooth: MGMT ver 1.23 [ 78.623401][ T144] usb 41-1: new high-speed USB device number 2 using vhci_hcd [ 78.628605][ T7793] devtmpfs: Cannot change global quota limit on remount [ 78.882645][ T7773] vhci_hcd: connection reset by peer [ 78.886491][ T83] vhci_hcd: stop threads [ 78.888726][ T83] vhci_hcd: release socket [ 78.891299][ T83] vhci_hcd: disconnect device [ 79.002915][ T7815] sp0: Synchronizing with TNC [ 79.008357][ T7815] sp0: Found TNC [ 79.010499][ T7814] [U] è` [ 79.396830][ T7850] program syz.2.859 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 79.736374][ T7897] Driver unsupported XDP return value 0 on prog (id 75) dev N/A, expect packet loss! [ 79.773145][ T7903] netlink: 28 bytes leftover after parsing attributes in process `syz.1.886'. [ 79.879458][ T7923] netlink: 4 bytes leftover after parsing attributes in process `syz.2.895'. [ 79.887457][ T7923] netlink: 4 bytes leftover after parsing attributes in process `syz.2.895'. [ 80.168981][ T7951] syz.2.908 (7951): drop_caches: 2 [ 80.172666][ T7951] syz.2.908 (7951): drop_caches: 2 [ 80.486560][ T7949] ================================================================== [ 80.489244][ T7949] BUG: KASAN: vmalloc-out-of-bounds in vrealloc_noprof+0x132/0x320 [ 80.492014][ T7949] Write of size 4064 at addr ffffc90003851020 by task syz.0.907/7949 [ 80.497253][ T7949] [ 80.498077][ T7949] CPU: 0 UID: 0 PID: 7949 Comm: syz.0.907 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(full) [ 80.498091][ T7949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.498097][ T7949] Call Trace: [ 80.498101][ T7949] [ 80.498105][ T7949] dump_stack_lvl+0x116/0x1f0 [ 80.498124][ T7949] print_report+0xc3/0x670 [ 80.498136][ T7949] ? __virt_addr_valid+0x5e/0x590 [ 80.498149][ T7949] ? vrealloc_noprof+0x132/0x320 [ 80.498158][ T7949] kasan_report+0xe0/0x110 [ 80.498169][ T7949] ? vrealloc_noprof+0x132/0x320 [ 80.498179][ T7949] kasan_check_range+0xef/0x1a0 [ 80.498192][ T7949] __asan_memset+0x23/0x50 [ 80.498207][ T7949] vrealloc_noprof+0x132/0x320 [ 80.498215][ T7949] push_insn_history+0x2ae/0x6c0 [ 80.498227][ T7949] do_check_common+0xbd3/0xc2a0 [ 80.498243][ T7949] ? __pfx_do_check_common+0x10/0x10 [ 80.498253][ T7949] ? __pfx_mark_fastcall_pattern_for_call+0x10/0x10 [ 80.498268][ T7949] ? kfree+0x2b6/0x4d0 [ 80.498276][ T7949] ? bpf_check+0x6c86/0xb460 [ 80.498285][ T7949] ? bpf_check+0x7b2f/0xb460 [ 80.498295][ T7949] bpf_check+0x7f51/0xb460 [ 80.498308][ T7949] ? __pfx_bpf_check+0x10/0x10 [ 80.498318][ T7949] ? pcpu_alloc_noprof+0x949/0x1470 [ 80.498330][ T7949] ? __lock_acquire+0xaa4/0x1ba0 [ 80.498345][ T7949] ? find_held_lock+0x2b/0x80 [ 80.498355][ T7949] ? __asan_memset+0x23/0x50 [ 80.498369][ T7949] ? bpf_obj_name_cpy+0x14a/0x1a0 [ 80.498382][ T7949] bpf_prog_load+0xe41/0x2490 [ 80.498396][ T7949] ? __pfx_bpf_prog_load+0x10/0x10 [ 80.498417][ T7949] ? bpf_lsm_bpf+0x9/0x10 [ 80.498427][ T7949] __sys_bpf+0x433c/0x4d80 [ 80.498440][ T7949] ? __pfx_futex_wake+0x10/0x10 [ 80.498452][ T7949] ? __pfx___sys_bpf+0x10/0x10 [ 80.498465][ T7949] ? __lock_acquire+0xaa4/0x1ba0 [ 80.498477][ T7949] ? do_futex+0x122/0x350 [ 80.498487][ T7949] ? __pfx_do_futex+0x10/0x10 [ 80.498499][ T7949] ? xfd_validate_state+0x5d/0x180 [ 80.498514][ T7949] ? rcu_is_watching+0x12/0xc0 [ 80.498524][ T7949] __ia32_sys_bpf+0x76/0xe0 [ 80.498538][ T7949] __do_fast_syscall_32+0x73/0x120 [ 80.498552][ T7949] do_fast_syscall_32+0x32/0x80 [ 80.498565][ T7949] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.498577][ T7949] RIP: 0023:0xf70ae579 [ 80.498585][ T7949] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 80.498594][ T7949] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 80.498604][ T7949] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000700 [ 80.498610][ T7949] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000 [ 80.498616][ T7949] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 80.498621][ T7949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 80.498627][ T7949] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.498635][ T7949] [ 80.498638][ T7949] [ 80.602148][ T7949] The buggy address belongs to the virtual mapping at [ 80.602148][ T7949] [ffffc900037d1000, ffffc90003853000) created by: [ 80.602148][ T7949] kvrealloc_noprof+0x7d/0xd0 [ 80.607903][ T7949] [ 80.608722][ T7949] The buggy address belongs to the physical page: [ 80.610820][ T7949] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x6b709 [ 80.613733][ T7949] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 80.616080][ T7949] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 80.618983][ T7949] raw: 0000000000000000 0000000000000000 00000001ffffffff 0000000000000000 [ 80.622021][ T7949] page dumped because: kasan: bad access detected [ 80.624361][ T7949] page_owner tracks the page as allocated [ 80.626321][ T7949] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102cc2(GFP_HIGHUSER|__GFP_NOWARN), pid 7949, tgid 7948 (syz.0.907), ts 80486375427, free_ts 77944038736 [ 80.632084][ T7949] post_alloc_hook+0x181/0x1b0 [ 80.633719][ T7949] get_page_from_freelist+0x135c/0x3920 [ 80.635522][ T7949] __alloc_frozen_pages_noprof+0x5a8/0x23a0 [ 80.637461][ T7949] alloc_pages_mpol+0x1fb/0x550 [ 80.638948][ T7949] alloc_pages_noprof+0x131/0x390 [ 80.640537][ T7949] __vmalloc_node_range_noprof+0x732/0x1540 [ 80.642518][ T7949] __kvmalloc_node_noprof+0x2ff/0x600 [ 80.644441][ T7949] kvrealloc_noprof+0x7d/0xd0 [ 80.646063][ T7949] push_insn_history+0x2ae/0x6c0 [ 80.647772][ T7949] check_mem_access+0x3edc/0x5fb0 [ 80.649569][ T7949] check_store_reg+0x2ef/0x470 [ 80.651236][ T7949] do_check_common+0x4618/0xc2a0 [ 80.653088][ T7949] bpf_check+0x7f51/0xb460 [ 80.654616][ T7949] bpf_prog_load+0xe41/0x2490 [ 80.656171][ T7949] __sys_bpf+0x433c/0x4d80 [ 80.657677][ T7949] __ia32_sys_bpf+0x76/0xe0 [ 80.659181][ T7949] page last free pid 7722 tgid 7722 stack trace: [ 80.661344][ T7949] __free_frozen_pages+0x69d/0xff0 [ 80.663033][ T7949] tlb_remove_table_rcu+0x116/0x1a0 [ 80.664850][ T7949] rcu_core+0x799/0x14e0 [ 80.666263][ T7949] handle_softirqs+0x216/0x8e0 [ 80.667846][ T7949] __irq_exit_rcu+0x109/0x170 [ 80.669425][ T7949] irq_exit_rcu+0x9/0x30 [ 80.670833][ T7949] sysvec_apic_timer_interrupt+0x57/0xc0 [ 80.672808][ T7949] asm_sysvec_apic_timer_interrupt+0x1a/0x20 [ 80.675004][ T7949] [ 80.675850][ T7949] Memory state around the buggy address: [ 80.677700][ T7949] ffffc90003850f00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 80.680309][ T7949] ffffc90003850f80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 80.682969][ T7949] >ffffc90003851000: 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 80.685773][ T7949] ^ [ 80.687438][ T7949] ffffc90003851080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 80.690132][ T7949] ffffc90003851100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 80.692777][ T7949] ================================================================== [ 80.696568][ T7949] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 80.698956][ T7949] CPU: 0 UID: 0 PID: 7949 Comm: syz.0.907 Not tainted 6.15.0-rc5-syzkaller-00123-g2c89c1b655c0 #0 PREEMPT(full) [ 80.702838][ T7949] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.706356][ T7949] Call Trace: [ 80.707578][ T7949] [ 80.708589][ T7949] dump_stack_lvl+0x3d/0x1f0 [ 80.710128][ T7949] panic+0x71c/0x800 [ 80.711448][ T7949] ? __pfx_panic+0x10/0x10 [ 80.712968][ T7949] ? rcu_is_watching+0x12/0xc0 [ 80.714565][ T7949] ? preempt_schedule_thunk+0x16/0x30 [ 80.716348][ T7949] ? vrealloc_noprof+0x132/0x320 [ 80.718032][ T7949] ? preempt_schedule_common+0x44/0xc0 [ 80.719833][ T7949] ? vrealloc_noprof+0x132/0x320 [ 80.721506][ T7949] check_panic_on_warn+0xab/0xb0 [ 80.723155][ T7949] end_report+0x107/0x170 [ 80.724613][ T7949] kasan_report+0xee/0x110 [ 80.726089][ T7949] ? vrealloc_noprof+0x132/0x320 [ 80.727735][ T7949] kasan_check_range+0xef/0x1a0 [ 80.729403][ T7949] __asan_memset+0x23/0x50 [ 80.730881][ T7949] vrealloc_noprof+0x132/0x320 [ 80.732481][ T7949] push_insn_history+0x2ae/0x6c0 [ 80.734109][ T7949] do_check_common+0xbd3/0xc2a0 [ 80.735723][ T7949] ? __pfx_do_check_common+0x10/0x10 [ 80.737476][ T7949] ? __pfx_mark_fastcall_pattern_for_call+0x10/0x10 [ 80.739831][ T7949] ? kfree+0x2b6/0x4d0 [ 80.741595][ T7949] ? bpf_check+0x6c86/0xb460 [ 80.743606][ T7949] ? bpf_check+0x7b2f/0xb460 [ 80.745620][ T7949] bpf_check+0x7f51/0xb460 [ 80.747524][ T7949] ? __pfx_bpf_check+0x10/0x10 [ 80.749590][ T7949] ? pcpu_alloc_noprof+0x949/0x1470 [ 80.751643][ T7949] ? __lock_acquire+0xaa4/0x1ba0 [ 80.753297][ T7949] ? find_held_lock+0x2b/0x80 [ 80.754848][ T7949] ? __asan_memset+0x23/0x50 [ 80.756411][ T7949] ? bpf_obj_name_cpy+0x14a/0x1a0 [ 80.758073][ T7949] bpf_prog_load+0xe41/0x2490 [ 80.759646][ T7949] ? __pfx_bpf_prog_load+0x10/0x10 [ 80.761559][ T7949] ? bpf_lsm_bpf+0x9/0x10 [ 80.763481][ T7949] __sys_bpf+0x433c/0x4d80 [ 80.765491][ T7949] ? __pfx_futex_wake+0x10/0x10 [ 80.767333][ T7949] ? __pfx___sys_bpf+0x10/0x10 [ 80.768936][ T7949] ? __lock_acquire+0xaa4/0x1ba0 [ 80.770595][ T7949] ? do_futex+0x122/0x350 [ 80.772104][ T7949] ? __pfx_do_futex+0x10/0x10 [ 80.773681][ T7949] ? xfd_validate_state+0x5d/0x180 [ 80.775368][ T7949] ? rcu_is_watching+0x12/0xc0 [ 80.776962][ T7949] __ia32_sys_bpf+0x76/0xe0 [ 80.778480][ T7949] __do_fast_syscall_32+0x73/0x120 [ 80.780170][ T7949] do_fast_syscall_32+0x32/0x80 [ 80.781851][ T7949] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.783934][ T7949] RIP: 0023:0xf70ae579 [ 80.785298][ T7949] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 80.791488][ T7949] RSP: 002b:00000000f509e55c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 80.794678][ T7949] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000700 [ 80.797392][ T7949] RDX: 0000000000000094 RSI: 0000000000000000 RDI: 0000000000000000 [ 80.800088][ T7949] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 80.802858][ T7949] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 80.805629][ T7949] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.808330][ T7949] [ 80.809937][ T7949] Kernel Offset: disabled [ 80.811597][ T7949] Rebooting in 86400 seconds.. VM DIAGNOSIS: 18:04:48 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000069 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854c1175 RDI=ffffffff9adddbc0 RBP=ffffffff9adddb80 RSP=ffffc900031def00 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=3039636666667257 R12=0000000000000000 R13=0000000000000069 R14=ffffffff9adddb80 R15=ffffffff854c1110 RIP=ffffffff854c119f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977ee000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000005663999c CR3=0000000022470000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000007000000000 0000000200000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000000 RBX=ffff88802b241480 RCX=ffffffff81ae8e69 RDX=ffff8880202ba440 RSI=ffffffff81ae8e43 RDI=0000000000000005 RBP=0000000000000003 RSP=ffffc9000109efe0 R8 =0000000000000005 R9 =0000000000000000 R10=0000000000000001 R11=0000000000000000 R12=ffffed1005648291 R13=0000000000000001 R14=dffffc0000000000 R15=ffff88802b33b180 RIP=ffffffff81ae8e4a RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880978ee000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000080001000 CR3=000000004a133000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=00000000000750a7 RBX=0000000000000002 RCX=ffffffff8b6933e9 RDX=0000000000000000 RSI=ffffffff8dbdb811 RDI=ffffffff8bf46ce0 RBP=ffffed1003b55910 RSP=ffffc9000047fdf8 R8 =0000000000000001 R9 =ffffed10056865bd R10=ffff88802b432deb R11=0000000000000000 R12=0000000000000002 R13=ffff88801daac880 R14=ffffffff90850c10 R15=0000000000000000 RIP=ffffffff8b691c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880979ee000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00007f6a377225d0 CR3=0000000023063000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=dffffc0000000000 RBX=ffff88802b53fc00 RCX=0000000000000001 RDX=1ffff110056a7f8e RSI=1ffffd4000290e41 RDI=ffffea0001487210 RBP=ffff88802b53fc70 RSP=ffffc900010ef0c8 R8 =0000000000000000 R9 =0000000000000000 R10=ffffea0001487200 R11=0000000000000000 R12=ffff88807ffd6b80 R13=ffffea00014871c8 R14=0000000000000000 R15=ffffea0001487208 RIP=ffffffff82117b26 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097aee000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002f21affc CR3=000000000e180000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000