last executing test programs: 5.83522481s ago: executing program 3 (id=76): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000440)={0x6, 0x3, &(0x7f00000001c0)=ANY=[@ANYRES64=r0], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x41100, 0x8, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x94) r2 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) socket$inet6(0xa, 0x0, 0x3) connect$inet6(0xffffffffffffffff, 0x0, 0x0) r3 = accept4$inet(0xffffffffffffffff, &(0x7f0000000040)={0x2, 0x0, @empty}, &(0x7f0000000300)=0x10, 0x80000) getsockopt$inet_IP_IPSEC_POLICY(r3, 0x0, 0x10, &(0x7f0000000780)={{{@in6=@mcast2, @in=@multicast2}}, {{@in6=@mcast2}, 0x0, @in6=@dev}}, &(0x7f0000000140)=0xe4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = syz_open_dev$MSR(&(0x7f0000000280), 0x0, 0x0) read$msr(r4, &(0x7f0000019680)=""/102392, 0x18ff8) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) socketpair$nbd(0x1, 0x1, 0x0, 0x0) r5 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SNDCTL_SEQ_OUTOFBAND(r5, 0x40085112, &(0x7f0000000080)=@e={0xff, 0xa, 0x0, 0x0, @SEQ_CONTROLLER=0xfe}) r6 = bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) r7 = io_uring_setup(0x4000177f, &(0x7f00000003c0)={0x0, 0x5a27}) r8 = syz_open_dev$swradio(&(0x7f00000000c0), 0x0, 0x2) read$hiddev(r8, &(0x7f0000000740)=""/43, 0x2b) close_range(r7, 0xffffffffffffffff, 0x0) bind$bt_hci(r2, &(0x7f0000000080), 0x6) write$RDMA_USER_CM_CMD_CREATE_ID(0xffffffffffffffff, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x0, 0x0, 0x2}}, 0x20) write$RDMA_USER_CM_CMD_LISTEN(0xffffffffffffffff, &(0x7f0000000080)={0x7, 0x8}, 0x10) write$RDMA_USER_CM_CMD_SET_OPTION(0xffffffffffffffff, &(0x7f0000000240)={0xe, 0x18, 0xfa00, @id_resuseaddr={&(0x7f0000000200)=0x1, 0xffffffffffffffff, 0x0, 0x1, 0x4}}, 0x20) fchmod(r6, 0x0) ioctl$sock_bt_hci(r2, 0x400448e6, &(0x7f0000000140)) socket$kcm(0x2, 0x0, 0x84) r9 = socket$packet(0x11, 0x2, 0x300) ioctl$sock_SIOCGIFINDEX(r9, 0x8933, &(0x7f0000000080)={'wg0\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f00000000c0)={r1, r10, 0x25, 0x0, @val=@netfilter}, 0x40) sendmsg$nl_route_sched(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000004c00)=@newtfilter={0x24, 0x11, 0xd27, 0x0, 0x0, {0x0, 0x0, 0x74, r10, {0x0, 0xfff2}}}, 0x24}, 0x1, 0xf0ffffffffffff}, 0x0) 4.409967307s ago: executing program 3 (id=79): bind$inet(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000000)={@host}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000040000181100", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = inotify_init1(0x0) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, 0x0}) r4 = syz_open_procfs(r3, &(0x7f0000000180)='fd/4\x00') ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40305839, &(0x7f0000000240)) 4.315442386s ago: executing program 3 (id=80): bind$inet(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) ioctl$IOCTL_VMCI_VERSION2(0xffffffffffffffff, 0x7a7, &(0x7f00000001c0)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000000)={@host}) ioctl$IOCTL_VMCI_NOTIFY_RESOURCE(0xffffffffffffffff, 0x7a5, &(0x7f0000000240)={{@hyper}, 0x1}) openat$pidfd(0xffffffffffffff9c, 0x0, 0x0, 0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000180)) syz_open_procfs$namespace(0xffffffffffffffff, 0x0) socket$nl_route(0x10, 0x3, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000380)={&(0x7f0000000340)='io_uring_register\x00', r1}, 0x10) r2 = io_uring_setup(0x1de0, &(0x7f0000000440)={0x0, 0xfffffffd, 0x40}) io_uring_register$IORING_REGISTER_PERSONALITY(r2, 0x9, 0x0, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000040000181100", @ANYRES32=r3], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r4) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r5 = inotify_init1(0x0) fcntl$setown(r5, 0x8, 0xffffffffffffffff) fcntl$getownex(r5, 0x10, &(0x7f0000000140)={0x0, 0x0}) r7 = syz_open_procfs(r6, &(0x7f0000000180)='fd/4\x00') ioctl$EXT4_IOC_GROUP_EXTEND(r7, 0x40305839, &(0x7f0000000240)) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) 3.05167385s ago: executing program 3 (id=90): syz_genetlink_get_family_id$nl80211(&(0x7f00000003c0), 0xffffffffffffffff) r0 = getpid() bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffec850000006d000000670000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffe55, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = getpid() ioctl$KVM_SET_USER_MEMORY_REGION(0xffffffffffffffff, 0x4020ae46, &(0x7f0000000400)={0x0, 0x0, 0x0, 0x20002000, &(0x7f0000000000/0x2000)=nil}) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000440)={0x0, 0xb, 0x0, &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioctl$KVM_TRANSLATE(0xffffffffffffffff, 0xc018ae85, &(0x7f0000000040)) process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) process_vm_readv(r0, &(0x7f0000008400)=[{&(0x7f0000000000)=""/152, 0x98}], 0x1, &(0x7f0000008640), 0x0, 0x0) io_uring_setup(0x1fc3, &(0x7f00000012c0)={0x0, 0x0, 0x1, 0x1, 0x10002a4}) r2 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r2, &(0x7f0000000040)={0x2a, 0x0, 0xfffffffe}, 0xc) r3 = openat$qrtrtun(0xffffffffffffff9c, &(0x7f0000000080), 0x2) write$binfmt_aout(r3, &(0x7f0000000100)=ANY=[@ANYBLOB="03010000b5"], 0xc8) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x3, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000040)='ext4_drop_inode\x00', r4}, 0x10) r5 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r5) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r6 = inotify_init1(0x0) bind$unix(0xffffffffffffffff, &(0x7f0000000180)=@file={0x0, './file0\x00'}, 0x6e) fcntl$setown(r6, 0x8, 0xffffffffffffffff) fcntl$getownex(r6, 0x10, &(0x7f0000000140)={0x0, 0x0}) r8 = syz_open_procfs(r7, &(0x7f0000000600)='fd/4\x00') open_by_handle_at(r8, &(0x7f0000000180)=ANY=[@ANYBLOB="0c00003001000000"], 0x650000) write$binfmt_script(r2, 0x0, 0x0) socket$nl_generic(0x10, 0x3, 0x10) 2.433563548s ago: executing program 3 (id=93): socketpair$unix(0x1, 0x5, 0x0, &(0x7f00000000c0)={0xffffffffffffffff}) ioctl$ifreq_SIOCGIFINDEX_team(r0, 0x8933, &(0x7f0000000140)) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r1, 0x8933, &(0x7f0000000000)={'team0\x00', 0x0}) syz_open_procfs(0xffffffffffffffff, &(0x7f0000000100)='mountinfo\x00') bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x2, 0x0, &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r3 = socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl80211(0x0, 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, 0x0) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$IPVS_CMD_FLUSH(r4, 0x0, 0x48000) sendmsg$NL80211_CMD_FRAME(r3, 0x0, 0x0) ioctl$sock_inet_SIOCGIFDSTADDR(r3, 0x8917, &(0x7f0000000080)={'netpci0\x00', {0x2, 0x0, @loopback}}) syz_emit_vhci(&(0x7f0000000440)=ANY=[@ANYBLOB="043e0c0400c900ce125278960081b3"], 0xf) r5 = socket$inet(0x2, 0x4000000000000001, 0x0) getsockopt$sock_buf(r5, 0x6, 0x23, &(0x7f0000003340)=""/4096, &(0x7f0000000380)=0x1000) openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpuacct.stat\x00', 0x275a, 0x0) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) r6 = creat(&(0x7f0000000040)='./file0/file1\x00', 0x0) write$cgroup_type(r6, &(0x7f00000009c0), 0xd4ba0ff) unlink(&(0x7f0000000100)='./file0/file1\x00') mount$bind(&(0x7f00000000c0)='./file0\x00', &(0x7f0000000180)='./file0/file1\x00', 0x0, 0xa050, 0x0) mount(0x0, &(0x7f0000000240)='./file0/file1\x00', &(0x7f0000000280)='pipefs\x00', 0x0, 0x0) r7 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r7, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000080)=ANY=[@ANYBLOB="300000001c00010c000000000000000007000000", @ANYRES32=r2, @ANYBLOB="8000a2000a000200aaaaaaaaaabb000008000f"], 0x30}}, 0x0) 2.205514091s ago: executing program 3 (id=94): openat$dir(0xffffffffffffff9c, &(0x7f0000001a00)='./file1\x00', 0x40, 0x0) r0 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000740), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r0, 0x7a7, &(0x7f0000000100)=0x80000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r0, 0x7a0, &(0x7f0000000140)={@my=0x1}) ioctl$IOCTL_VMCI_QUEUEPAIR_ALLOC(r0, 0x7a8, &(0x7f00000001c0)={{@host}, @host, 0x0, 0x20000}) bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xb, &(0x7f0000000780)=ANY=[@ANYBLOB="a7e9312fe4b78befee914a0c8d2ccc3e8d13bcbc25586c0d84cc632406fbae5d5fa7f4a12534307c82c06764590b5b9e4cde07dc817c6c54546218f88b73b84731bdc16e361590d39d2aac663649ebb993b19fcd13f39b26d7fd7202868ba592c7e083787024e1018bb81cdb011c61b7e35ea8e7adcfa6ba96bc4971d47aabfb1ebea035af64de4265496b259ae5e7013e2d8d6893283ba77549c02dafb4d706161ac25ed7acd54a7fc7aa94c7177701eec9c21807959fef31b53242c26b3af4d61d9cd99f4ebad42246fcefb3009be55f725b3c85b5bdee2d"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x2a, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000000)='sched_switch\x00', r1}, 0x10) r2 = syz_open_dev$evdev(&(0x7f0000000180), 0x0, 0x0) ioctl$EVIOCSKEYCODE_V2(r2, 0x80104592, &(0x7f0000000040)={0x0, 0x0, 0x0, 0xfffffffe, "00207d2000000000201b14700c1e0ac74f000000001280000000000900"}) ioctl$EVIOCGBITSND(r2, 0x8000451a, 0x0) syz_open_dev$hidraw(&(0x7f0000000080), 0x0, 0x0) syz_usb_connect$cdc_ncm(0x0, 0x6e, &(0x7f0000000040)=ANY=[@ANYBLOB="12010000090000082502000000000000000109025c00020100f92a0904000001020900000524060001053408fa6e0d240f0100000000000d000a0006471a010000190581"], 0x0) r3 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) read$char_usb(r3, &(0x7f0000000240)=""/75, 0x4b) ioctl$EVIOCGID(r2, 0x80084502, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x0) munlock(&(0x7f00008b2000/0x4000)=nil, 0x4000) syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r3, 0x0, 0x0) r4 = socket$inet6_udp(0xa, 0x2, 0x0) setsockopt$inet6_group_source_req(r4, 0x29, 0x2e, &(0x7f0000000240)={0x8, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108) setsockopt$inet6_MCAST_MSFILTER(r4, 0x29, 0x30, &(0x7f0000000880)=ANY=[@ANYBLOB="080000000a00000000000000ff01000000000000000000000000000100000000000000000000000000000000000000000000000000000000000000000000000000000000001100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000fe76d2c3fed7bb7b000000000000aa00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000a00000000000000fc01000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002ee46eb700"/400], 0x190) setsockopt$inet6_group_source_req(r4, 0x29, 0x2b, &(0x7f0000000240)={0x0, {{0xa, 0x0, 0x0, @mcast1}}, {{0xa, 0x0, 0x0, @private1}}}, 0x108) r5 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r5, 0x7a7, &(0x7f0000000100)=0xa0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r5, 0x7a0, &(0x7f0000000040)={@host}) r6 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000440), 0x0, 0x0) ioctl$KVM_CREATE_VM(r6, 0xae01, 0x0) socket$nl_route(0x10, 0x3, 0x0) 1.845497842s ago: executing program 2 (id=96): unshare(0x46060480) socket$igmp(0x2, 0x3, 0x2) r0 = syz_init_net_socket$netrom(0x6, 0x5, 0x0) bind$netrom(r0, &(0x7f0000000000)={{0x6, @rose}, [@default, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @null, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}]}, 0x48) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0) fsconfig$FSCONFIG_CMD_CREATE(0xffffffffffffffff, 0x6, 0x0, 0x0, 0x0) mknodat$loop(0xffffffffffffffff, &(0x7f0000000080)='./file0\x00', 0x1000, 0x0) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x0, 0x0, 0x0) symlinkat(&(0x7f0000000280)='./file2\x00', 0xffffffffffffffff, &(0x7f0000000100)='./file2\x00') lsm_set_self_attr(0xc, &(0x7f000001a700)=ANY=[@ANYRESDEC, @ANYRESHEX=r2, @ANYRESHEX, @ANYRES32, @ANYRES8=0x0], 0x20, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x5, &(0x7f0000019340)=ANY=[@ANYBLOB="1800000000300000002700001a6554eaa442bd1c"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) ioctl$FAT_IOCTL_SET_ATTRIBUTES(0xffffffffffffffff, 0x40047211, &(0x7f0000000180)=0x2) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) r5 = socket$inet(0x2, 0x0, 0x2) setsockopt$inet_msfilter(r5, 0x0, 0x29, &(0x7f0000000200)=ANY=[@ANYBLOB="e0000002ea0000000000000000"], 0x10) ioctl$FS_IOC_GETFSLABEL(0xffffffffffffffff, 0x81009431, &(0x7f0000000080)) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000240)='contention_end\x00', r3}, 0x18) r6 = syz_open_dev$radio(&(0x7f0000019300), 0x2, 0x2) ioctl$VIDIOC_LOG_STATUS(r6, 0x5646, 0x0) writev(r4, 0x0, 0x0) r7 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$IPCTNL_MSG_CT_NEW(r7, &(0x7f0000019380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f00000000c0)=ANY=[@ANYRESOCT], 0xa4}}, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) 1.354992004s ago: executing program 1 (id=97): r0 = socket$kcm(0x10, 0x2, 0x10) r1 = socket$kcm(0x11, 0x200000000000002, 0x300) r2 = openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$FBIOGET_CON2FBMAP(r2, 0x460f, &(0x7f0000000140)) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000880)={0x1, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="180800000000000000000000000000007ed9850000005000000094ffffe70000"], &(0x7f0000000980)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) setsockopt$sock_attach_bpf(r1, 0x1, 0x32, &(0x7f0000000d00)=r3, 0x4) sendmsg$kcm(r0, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000080)=[{&(0x7f0000000040)="c0", 0x1}], 0x1}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000640)=@base={0x1e, 0x0, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) setsockopt$netrom_NETROM_T2(0xffffffffffffffff, 0x103, 0x7, &(0x7f0000003480), 0x4) sendmsg$AUDIT_ADD_RULE(0xffffffffffffffff, &(0x7f0000000180)={&(0x7f0000000100)={0x10, 0x0, 0x0, 0x10001001}, 0xc, &(0x7f0000000140)={&(0x7f0000001180)=ANY=[@ANYBLOB="34040000f303000427bd7000fcdbdf2506000000010000001400000008000000ff0c00000700000003000000ff0f0000060000000700000004000000020000000600000001000000050000000000008005000000810000000000008004000000030000000400000008000000ff0f000001800000715700000300000003000000070000007f000000c0ffffff050000000000000008000000030000000600000000000000000200000000000005000000000100000800000007000000e8ac000025090000080000000900000000000080000000000600000009000000000000000500000009000000000200000000000000000000060000000600000000800000050000007f0000007d43ffff0700000002000000fcffffff06000000ffffffff0000000008000000f1ffffff010001000300000008000000080000000900000009000000fdffffff000000000300000006000000010000005a84000001000000060000000b00000007000000a4000000969100004b000000ff0300000400000005000000060000005ebe22c70d0000001390000001000000030000000101000001f8ffff0004000001000000050000000400000065010000ff0000000200000007000000070000001d0c0000fd64ffff010000000004000001000000010000000d0000000700000000100000020000000010000003000000090000000500000001000000000028000008000009550000000000800400000002000000050000000500000008010000feffffff020000007cdb0000ffffff7fed3c00000080ffff58ffffffffffff7f0500000001000080f8ffffff09000000040000000d00000011f1ffff05000000f10000000500000007000000000000000000000700000800000000010000000000000001000000c504000006000000030000000b0000000000008004000000010100001000000040000000030000009d000000010000000002000010000000000001008b000000050000000500000008000000030000000100000001040000ac00000018000000000000002f6b000008000000df620000010000000900000000010000fc4f000000000004000000000400000000000000020000000800000003000000060000000000000000000000230a0000060000000200000080000000070000000500000003000000ff0700000d00000002000000ffffffff4000000001000000050000000180000003000000090000000001000004000000d18a66050300000004000000e4000000d96b0950080000000b0000000600000061000000000400000700000007000000020000000f0000007f00000007000000061dd40e01000100010000000c000000ff0000007a4de35fc9c7000010000000060000000000000000040000000001000400000000000000650000000500000013000000002f2c0047504c00230029eb0029002b272900000000000000000000e8afa255751300cf19ff26debf54bf74ab7283aa9b39c01ac7727e22eb01ac467a1136fae418c9741e7dced8e78cf9e5880b3f67812fde9dabb6870c6d08c934fdbc66851559322bc769068002d13cab0996e1df68fae731ced3d5a40a4a989a9f41401c8922f16ac8136e4e"], 0x434}, 0x1, 0x0, 0x0, 0x20000001}, 0x4040015) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000a40)={0x3, 0xc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000340)={r4, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) 1.275234546s ago: executing program 1 (id=98): bind$inet(0xffffffffffffffff, 0x0, 0x0) syz_emit_ethernet(0x0, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) ioctl$IOCTL_VMCI_INIT_CONTEXT(0xffffffffffffffff, 0x7a0, &(0x7f0000000000)={@host}) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="18000000000000000000000000040000181100", @ANYRES32=r0], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r1 = syz_open_procfs(0x0, &(0x7f00000000c0)='task\x00') fchdir(r1) mount(0x0, &(0x7f0000000080)='.\x00', &(0x7f0000000000)='proc\x00', 0x0, 0x0) r2 = inotify_init1(0x0) fcntl$setown(r2, 0x8, 0xffffffffffffffff) fcntl$getownex(r2, 0x10, &(0x7f0000000140)={0x0, 0x0}) r4 = syz_open_procfs(r3, &(0x7f0000000180)='fd/4\x00') ioctl$EXT4_IOC_GROUP_EXTEND(r4, 0x40305839, &(0x7f0000000240)) 1.274793122s ago: executing program 1 (id=99): r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x11, 0x5, &(0x7f0000000240)=ANY=[@ANYBLOB="00000000090004000000000000000000c50000000e800000850000000e000000958aff12d046fd52f47dc06be105bbab5174172332b65e302da797e85ee0ba42ac4da8fa0984da670ca88c4d33b21a8a119ac948f8004166282ab0c9fd218aaa52ab5d307a831f55858d1f657c18b619867336c3b12fd7ca7a"], &(0x7f0000000200)='GPL\x00', 0x652, 0x0, 0x0, 0x0, 0x66, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0xffffff6e, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='mmap_lock_acquire_returned\x00', r0}, 0x10) r1 = getpid() process_vm_readv(r1, &(0x7f0000008400)=[{&(0x7f0000000300)=""/54, 0x7ffff000}, {&(0x7f0000006180)=""/152, 0x98}], 0x2, &(0x7f0000008640)=[{&(0x7f0000008480)=""/95, 0x7ffff000}], 0x286, 0x0) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000003c0)={0x11, 0x0, 0x0, &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x3, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000)={0x0, 0x0, 0x0, 0xfffffff9}, 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000040)='contention_end\x00', r2}, 0xa) r3 = syz_open_dev$sndctrl(&(0x7f0000001440), 0x0, 0x0) ioctl$SNDRV_CTL_IOCTL_PCM_PREFER_SUBDEVICE(r3, 0x40045532, &(0x7f0000000100)) r4 = openat$audio(0xffffffffffffff9c, &(0x7f00000000c0), 0x88602, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r4, 0x80045017, 0x0) r5 = syz_open_dev$sndpcmp(&(0x7f00000001c0), 0x0, 0xa2c65) write$snddsp(r5, &(0x7f0000000200)="a38d", 0x2) ioctl$SNDRV_PCM_IOCTL_DRAIN(r5, 0x4144, 0x0) ioctl$SNDRV_PCM_IOCTL_STATUS_EXT32(r5, 0xc06c4124, &(0x7f0000000140)) r6 = socket$inet6_tcp(0xa, 0x1, 0x0) bind$inet6(r6, &(0x7f0000000100)={0xa, 0x4e22}, 0x1c) r7 = syz_init_net_socket$x25(0x9, 0x5, 0x0) ioctl$SIOCX25SFACILITIES(r7, 0x89e3, &(0x7f0000000000)={0x30, 0x7ff, 0x5, 0xa, 0xf, 0x81}) listen(r6, 0x3) syz_emit_ethernet(0xa6, &(0x7f0000000980)={@local, @random="c4bc9cac9686", @void, {@ipv6={0x86dd, @tcp={0x0, 0x6, '\x00', 0x70, 0x6, 0x0, @local, @local, {[], {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x0, 0x1c, 0xe2, 0x0, 0x0, 0x0, {[@timestamp={0x8, 0xa}, @timestamp={0x3, 0xa}, @exp_fastopen={0xfe, 0x8, 0xf989, "e8e82b84"}, @mss={0x2, 0x4, 0x1000}, @exp_fastopen={0xfe, 0x11, 0xf989, "1d6b93e7e59658ded8a032b667"}, @window={0x3, 0x3}, @exp_fastopen={0xfe, 0xb, 0xf989, "00408000000000"}, @exp_smc={0xfe, 0x6}, @mss={0x2, 0x4}, @exp_fastopen={0xfe, 0xe, 0xf989, "b23ffdd7f7f300000000"}, @fastopen={0x22, 0x4, "0396"}]}}}}}}}}, 0x0) mlock2(&(0x7f00005cc000/0x4000)=nil, 0x4000, 0x1) r8 = socket$can_bcm(0x1d, 0x2, 0x2) connect$can_bcm(r8, &(0x7f0000000080), 0x10) sendmsg$can_bcm(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000180)={0x0}}, 0x0) 992.995539ms ago: executing program 1 (id=100): ioctl$TIOCGSID(0xffffffffffffffff, 0x5429, &(0x7f0000000000)=0x0) getpid() ioctl$SECCOMP_IOCTL_NOTIF_RECV(0xffffffffffffffff, 0xc0502100, &(0x7f0000000040)={0x0, 0x0}) sched_getparam(r1, &(0x7f00000000c0)) prctl$PR_SET_PTRACER(0x59616d61, r0) 931.295323ms ago: executing program 1 (id=101): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) close(r0) r1 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty}, 0x1c) r2 = socket$inet6(0xa, 0x2, 0x3a) setsockopt$inet6_int(r2, 0x29, 0x4e, &(0x7f0000000040)=0x9, 0x4) bind$inet6(r2, &(0x7f0000000000)={0xa, 0x4e20, 0xf, @private1}, 0x1c) r3 = socket(0x2, 0x2, 0x1) bind$unix(r3, &(0x7f0000000000)=@abs, 0x6e) r4 = syz_open_procfs(0x0, &(0x7f0000000480)='net/icmp6\x00') preadv(r4, &(0x7f0000000080)=[{&(0x7f00000001c0)=""/133, 0x85}], 0x1, 0xa3, 0x0) listen(r0, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) sendto$inet6(r5, 0x0, 0x0, 0x240540c7, &(0x7f0000000200)={0xa, 0x4e22, 0x0, @loopback}, 0x1c) close(r1) 885.350804ms ago: executing program 1 (id=102): socket$inet_tcp(0x2, 0x1, 0x0) r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000180)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f00000001c0)={0x1d, r1}, 0x18) sendmsg$can_j1939(r0, &(0x7f0000000380)={&(0x7f0000000200)={0x1d, 0x0, 0x0, {0x0, 0x0, 0x2}, 0xfd}, 0x18, &(0x7f0000000240)={&(0x7f00000000c0)="10", 0x1}, 0x3f}, 0xfeffff) r2 = bpf$BPF_BTF_GET_FD_BY_ID(0x13, &(0x7f0000000440)=0xffffffffffffffff, 0x4) r3 = openat(0xffffffffffffff9c, &(0x7f0000000180)='./file0\x00', 0x24c01, 0x0) write$FUSE_WRITE(r3, &(0x7f00000000c0)={0x18}, 0xfdef) r4 = openat(0xffffffffffffff9c, &(0x7f000000c380)='./file0\x00', 0x40, 0x0) r5 = openat$fuse(0xffffffffffffff9c, &(0x7f0000000080), 0x42, 0x0) mount$fuse(0x0, &(0x7f00000020c0)='./file0\x00', &(0x7f0000000100), 0x0, &(0x7f0000002140)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=r5, @ANYBLOB=',rootmode=00000000000000000100000,user_id=', @ANYRESDEC=0x0, @ANYBLOB=',group_id=', @ANYRESDEC=0x0]) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x10, 0xffffffffffffffff, 0x0) r6 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r6, &(0x7f0000000040)={0x1f, 0x0, @fixed}, 0xe) syz_emit_vhci(&(0x7f00000000c0)=ANY=[@ANYBLOB="02c8000c00080002"], 0x11) r7 = openat2$dir(0xffffffffffffff9c, &(0x7f0000000180)='.\x00', &(0x7f0000000040), 0x18) r8 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r8, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f00000003c0)=ANY=[@ANYBLOB="140000001000010000000000000000001c6a000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r8, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000080)={{0x14}, [@NFT_MSG_NEWRULE={0x64, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_EXPRESSIONS={0x38, 0x4, 0x0, 0x1, [{0x34, 0x1, 0x0, 0x1, @exthdr={{0xb}, @val={0x24, 0x2, 0x0, 0x1, [@NFTA_EXTHDR_OFFSET={0x8, 0x3, 0x1, 0x0, 0x42}, @NFTA_EXTHDR_DREG={0x8, 0x1, 0x1, 0x0, 0x15}, @NFTA_EXTHDR_TYPE={0x5, 0x2, 0x83}, @NFTA_EXTHDR_LEN={0x8}]}}}]}]}], {0x14}}, 0x8c}}, 0x0) faccessat2(r7, &(0x7f0000000480)='./file0\x00', 0x0, 0x0) umount2(&(0x7f0000001540)='./file0\x00', 0x2) r9 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r9, &(0x7f000000c2c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000002f40)=ANY=[@ANYBLOB="140000001000010000000000000000000000000a28000000000a0101000000005e1affd5020000000900010073797a300000000008000240000000032c000000030a01030000e6ff00000000020000000900010073797a30000000000900030073797a320000000014000000110001"], 0x7c}}, 0x0) sendmsg$NFT_BATCH(r9, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000340)={{0x14}, [@NFT_MSG_NEWRULE={0x58, 0x6, 0xa, 0x409, 0x0, 0x0, {0x2}, [@NFTA_RULE_CHAIN={0x9, 0x2, 'syz2\x00'}, @NFTA_RULE_TABLE={0x9, 0x1, 'syz0\x00'}, @NFTA_RULE_EXPRESSIONS={0x2c, 0x4, 0x0, 0x1, [{0x28, 0x1, 0x0, 0x1, @nat={{0x8}, @val={0x1c, 0x2, 0x0, 0x1, [@NFTA_NAT_REG_PROTO_MIN={0x8}, @NFTA_NAT_FAMILY={0x8}, @NFTA_NAT_TYPE={0x8, 0x1, 0x1, 0x0, 0x1}]}}}]}]}], {0x14}}, 0x80}}, 0x0) dup3(r4, r5, 0x0) sendmsg$IPSET_CMD_GET_BYNAME(r3, &(0x7f0000000540)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x4000}, 0xc, &(0x7f0000000500)={&(0x7f0000000480)={0x50, 0xe, 0x6, 0x607, 0x0, 0x0, {0x2, 0x0, 0x8}, [@IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_PROTOCOL={0x5}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz2\x00'}, @IPSET_ATTR_SETNAME={0x9, 0x2, 'syz1\x00'}, @IPSET_ATTR_PROTOCOL={0x5}]}, 0x50}, 0x1, 0x0, 0x0, 0xc890}, 0x40) ioctl$BTRFS_IOC_FS_INFO(r2, 0x8400941f, &(0x7f0000000040)) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f00000000c0)={0x1, &(0x7f0000000100)=[{0x6, 0x0, 0x0, 0x7fff0006}]}) r10 = openat$rdma_cm(0xffffffffffffff9c, &(0x7f0000000540), 0x2, 0x0) write$RDMA_USER_CM_CMD_CREATE_ID(r10, &(0x7f0000000100)={0x0, 0x18, 0xfa00, {0x3, &(0x7f0000000040), 0x111}}, 0x20) 804.974571ms ago: executing program 2 (id=103): r0 = socket$inet_tcp(0x2, 0x1, 0x0) ioctl$sock_inet_SIOCSIFADDR(r0, 0x8917, &(0x7f0000000080)={'syz_tun\x00', {0x2, 0xfdfd, @local}}) 803.804039ms ago: executing program 2 (id=104): r0 = socket$kcm(0x10, 0x2, 0x0) write$cgroup_subtree(r0, &(0x7f0000000040)=ANY=[@ANYBLOB="33fe0000180091c8b14a0778a8123d181d"], 0xfe33) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f00000001c0), 0x2, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r2 = syz_open_dev$ndb(&(0x7f0000000040), 0x0, 0x0) r3 = socket(0x2, 0x2, 0x0) r4 = syz_open_dev$ndb(&(0x7f0000000000), 0x0, 0x0) r5 = syz_open_dev$tty20(0xc, 0x4, 0x1) ioctl$TCXONC(r5, 0x4b45, 0x3) ioctl$NBD_SET_SOCK(r2, 0xab00, r3) ioctl$NBD_DO_IT(r4, 0xab03) ioctl$NBD_SET_SIZE_BLOCKS(r2, 0xab07, 0x6) ioctl$NBD_DISCONNECT(r4, 0xab08) ioctl$NBD_CLEAR_SOCK(r2, 0x125f) r6 = openat$nullb(0xffffffffffffff9c, &(0x7f0000000100), 0x80801, 0x0) ioctl$BLKTRACESTART(r6, 0x125f, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f0000000080)=0xb0000) ioctl$IOCTL_VMCI_INIT_CONTEXT(r1, 0x7a0, &(0x7f0000000000)={@my=0x0}) ioctl$IOCTL_VMCI_CTX_GET_CPT_STATE(r1, 0x7b1, &(0x7f0000000140)={0x0, 0x6, 0xffffffffffffff3b}) memfd_create(&(0x7f00000000c0)='/dev/vmci\x00', 0x1) 515.114592ms ago: executing program 2 (id=106): bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x1, 0x803, 0x0) getsockname$packet(r1, &(0x7f0000000100)={0x11, 0x0, 0x0, 0x1, 0x0, 0x6, @broadcast}, &(0x7f00000001c0)=0x14) sendmsg$nl_route(r0, &(0x7f0000000280)={0x0, 0x600, &(0x7f0000000140)={&(0x7f0000000000)=@newlink={0x4c, 0x10, 0x403, 0x0, 0xefff, {0x0, 0x0, 0x0, 0x0, 0x88a9fde5}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @ipvlan={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_IPVLAN_MODE={0x6, 0x1, 0x2}]}}}, @IFLA_LINK={0x8, 0x5, r2}, @IFLA_MASTER={0x8, 0xa, r2}]}, 0x4c}}, 0x0) 444.897191ms ago: executing program 2 (id=107): r0 = socket(0x2, 0x3, 0x9) bind$inet(r0, &(0x7f0000000080)={0x2, 0x0, @multicast2}, 0x10) sendmmsg$inet(r0, &(0x7f0000004780)=[{{&(0x7f0000000000)={0x2, 0x4, @multicast2}, 0x10, 0x0}}, {{&(0x7f00000031c0)={0x2, 0x0, @broadcast}, 0x10, 0x0}}], 0x2, 0x0) 444.504955ms ago: executing program 2 (id=108): r0 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) setsockopt$bt_l2cap_L2CAP_LM(r0, 0x6, 0x3, &(0x7f0000000040)=0xb6, 0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async) openat$cgroup_root(0xffffffffffffff9c, 0x0, 0x200002, 0x0) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r1, &(0x7f0000000300)=""/102400, 0x19000) syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) (async) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async) r2 = openat$sequencer2(0xffffffffffffff9c, &(0x7f0000000100), 0x141a42, 0x0) (async) mknodat(0xffffffffffffff9c, &(0x7f00000000c0)='./file2\x00', 0x81c0, 0x0) execveat(0xffffffffffffff9c, &(0x7f0000000040)='./file2\x00', 0x0, 0x0, 0x0) r3 = openat$sysfs(0xffffffffffffff9c, &(0x7f0000000080)='/sys/block/loop0', 0x0, 0x0) symlinkat(&(0x7f0000000280)='./file2\x00', r3, &(0x7f0000000100)='./file2\x00') lsm_set_self_attr(0x65, &(0x7f0000000240)=ANY=[@ANYRESDEC=r3], 0x20, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x8, 0x5, &(0x7f0000019340)=ANY=[@ANYBLOB="1800000000300000000000000000000027000000222f00002500feff00000000950000000000000088c83dbac5aedd9ed039204fa944894d32d492bee26c0a49aadf15e057fae156b51a3d336bd5be07b190dfadd6fefe3d47d227e6b6c4a40458c7c743158f49ce0b80e5c921ad5760d52fa45fcdfd3893ec0ea1982e09f50bef0e9f1b8a060000004a56b5338ed4cb85de6e0784aff267ee09f8a1c36c72bdaef3348c4bf76692885de5612fea99f21b1bfe3b906462c54961c446d48dc1da8e3328bb92722fb851dad311549cc2784cf134545da72e9adf069ac58f9b44da8c79e4a83ed8076b8226f32e90d4225358691b912a0a8fc076396f929b39"], &(0x7f0000000000)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x78) (async, rerun: 32) ioctl$FAT_IOCTL_SET_ATTRIBUTES(0xffffffffffffffff, 0x40047211, &(0x7f0000000180)=0x2) (async, rerun: 32) r4 = syz_open_dev$tty1(0xc, 0x4, 0x1) (async) r5 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000400)={0x1, &(0x7f0000000380)=[{0x6, 0x0, 0x0, 0x7fffffff}]}) (async, rerun: 64) r6 = socket$unix(0x1, 0x5, 0x0) (rerun: 64) r7 = dup2(r6, r5) close_range(r7, 0xffffffffffffffff, 0x0) (async) r8 = landlock_create_ruleset(&(0x7f0000000040)={0x0, 0x2}, 0x10, 0x0) r9 = dup2(r7, r8) landlock_restrict_self(r9, 0x0) r10 = socket$inet_mptcp(0x2, 0x1, 0x106) bind(r10, &(0x7f0000000100)=@un=@file={0x1, './file0\x00'}, 0x80) ioctl$SNDCTL_SEQ_NRSYNTHS(r2, 0x8004510a, &(0x7f0000019300)) ioctl$VT_RELDISP(r4, 0x5605) r11 = socket$inet(0x2, 0x0, 0x2) setsockopt$inet_msfilter(r11, 0x0, 0x29, 0x0, 0x10) 345.314395ms ago: executing program 0 (id=109): r0 = socket$nl_netfilter(0x10, 0x3, 0xc) r1 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r1, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000180)="2e00000010008188040f80ec59acbc0413a1f848100000005e0c00f0ffffff180e000a001400000002801687121f", 0x2e}], 0x1}, 0x0) sendmsg$kcm(r1, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000001340)=[{&(0x7f0000000040)="2e00000010008188040f46ecdb4cb9cca7480ef410000000e3bd6efb010511000b000a000d000000ba800000", 0x2c}], 0x1, 0x0, 0x0, 0xc9e}, 0x0) bpf$MAP_CREATE(0x0, &(0x7f0000000000)=@base={0x11, 0x4, 0x4, 0xff, 0x0, 0xffffffffffffffff, 0x5, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0xfffffffc, 0x0, 0x0, @void, @value, @void, @value}, 0x50) r2 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000040), 0x62181) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r2, 0xc08c5332, &(0x7f00000001c0)={0x0, 0x1, 0x0, 'queue1\x00', 0x2}) write$sndseq(r2, &(0x7f0000000000)=[{0x84, 0x77, 0x0, 0x0, @tick, {}, {}, @raw32={[0x0, 0x9]}}], 0x1c) ioctl$SNDRV_SEQ_IOCTL_SET_CLIENT_POOL(r2, 0x4058534c, &(0x7f00000002c0)={0x80, 0x6, 0xfffffffe, 0x0, 0x0, 0x1}) mkdir(&(0x7f0000000000)='./file0\x00', 0x0) mount(0x0, &(0x7f0000000180)='./file0\x00', &(0x7f0000000080)='ramfs\x00', 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000340)='./file1\x00', 0x0) r3 = openat$dir(0xffffff9c, &(0x7f0000000280)='./file0\x00', 0x0, 0x20) symlinkat(&(0x7f0000000200)='./file0\x00', r3, &(0x7f0000000380)='./file1\x00') mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000900)={[{@upperdir={'upperdir', 0x3d, './file1'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@workdir={'workdir', 0x3d, './bus'}}]}) r4 = open(&(0x7f0000000140)='./file0\x00', 0x0, 0x0) chdir(&(0x7f00000003c0)='./bus\x00') linkat(r4, &(0x7f0000000100)='./file1\x00', r4, &(0x7f0000000240)='./file0\x00', 0x0) renameat2(0xffffffffffffff9c, &(0x7f0000000a00)='./file0\x00', 0xffffffffffffff9c, &(0x7f0000000600)='./file1\x00', 0x2) socket$packet(0x11, 0xa, 0x300) r5 = syz_open_dev$vim2m(&(0x7f0000000280), 0x800, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f0000000000)={0xf0f043}) ppoll(&(0x7f0000000300)=[{r5, 0x2007}], 0x1, 0x0, 0x0, 0x0) syz_emit_vhci(&(0x7f0000000400)=ANY=[@ANYBLOB="040e04fd0a20", @ANYBLOB="f891bc2c4357fec3617c6da05cdd08edfb40be0c8c481bcc82352956f0b528cec328fc630690878a454d69b1c67ab47b28997a45799985ad9577e2c27be3f4ca3be134f7a56941e5387d48495d0e03712f9830aab22d6b36a6e63152bd3b3ba2ec8711d072959b2f8687d4ce063474c626ce74a96bb93449105d26dbc76f82ce3d1600f08b9800ce7f8da4e2298d1c71bf2881075ac2ad41c09904ce7d43fd06e9", @ANYRES8=r3, @ANYRESOCT=r2], 0x7) r6 = openat$vcsa(0xffffff9c, &(0x7f0000000040), 0x80000, 0x0) lseek(r6, 0x277, 0x2) sendmsg$NFT_MSG_GETGEN(r0, &(0x7f0000000100)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f00000000c0)={&(0x7f0000000080)={0x14, 0x10, 0xa, 0x201, 0x0, 0x0, {0x3, 0x0, 0x8}, ["", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x4008840) syz_genetlink_get_family_id$nl80211(&(0x7f0000000300), 0xffffffffffffffff) 265.529074ms ago: executing program 0 (id=110): r0 = inotify_init1(0x0) fcntl$setown(r0, 0x8, 0xffffffffffffffff) fcntl$getownex(r0, 0x10, &(0x7f0000000100)={0x0, 0x0}) r2 = socket$tipc(0x1e, 0x5, 0x0) r3 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r3, 0x5423, &(0x7f0000000040)=0x1) ioctl$TCSETA(r3, 0x5406, &(0x7f0000000080)={0x6, 0xb42, 0xa, 0x400, 0x8, "22c8f2e0c05264d5"}) bind$tipc(r2, &(0x7f0000000000)=@nameseq={0x1e, 0x1, 0x0, {0x41}}, 0x10) r4 = socket$tipc(0x1e, 0x5, 0x0) sendmsg$tipc(r4, &(0x7f0000000240)={&(0x7f0000000080)=@name={0x1e, 0x2, 0x0, {{0x41}}}, 0x10, &(0x7f0000005640)=[{&(0x7f0000000040)="e0", 0x1}], 0x1}, 0x0) setsockopt$TIPC_GROUP_JOIN(r4, 0x10f, 0x87, &(0x7f00000000c0)={0x40}, 0x10) recvmmsg(r4, &(0x7f0000005c80)=[{{0x0, 0x0, &(0x7f0000003740)=[{&(0x7f0000001400)=""/119, 0x77}], 0x1, &(0x7f00000037c0)=""/153, 0x99}}], 0x1, 0x0, 0x0) process_vm_readv(r1, &(0x7f0000000040)=[{&(0x7f0000000080)=""/226, 0xe2}, {&(0x7f0000000000)=""/44, 0x2c}], 0x2, &(0x7f0000000180)=[{&(0x7f0000000300)=""/177, 0xb1}], 0x1, 0x0) 155.588312ms ago: executing program 0 (id=111): pipe(&(0x7f0000000140)={0xffffffffffffffff, 0xffffffffffffffff}) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000700)={&(0x7f0000000000)=ANY=[@ANYBLOB="5c0000001000090400"/20, @ANYRES32=0x0, @ANYBLOB="000000000000000028001280090001007665746800000000180002801400010000000000", @ANYRES32=0x0, @ANYBLOB="00000000000000000a000100aaaaaa"], 0x5c}}, 0x0) (async) r2 = socket$inet_udp(0x2, 0x2, 0x0) (async) r3 = socket$nl_route(0x10, 0x3, 0x0) (async) r4 = socket$inet6_udplite(0xa, 0x2, 0x88) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r4, 0x89f1, &(0x7f0000000100)={'syztnl1\x00', &(0x7f0000000180)={'ip6_vti0\x00', 0x0, 0x2d, 0x6, 0xf8, 0x7b, 0x1, @mcast2, @mcast1, 0x10, 0x8, 0x1ff, 0x94}}) sendmsg$nl_route_sched(r3, &(0x7f00000004c0)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x400}, 0xc, &(0x7f0000000240)={&(0x7f00000002c0)=@delqdisc={0x1f4, 0x25, 0x200, 0x70bd2c, 0x25dfdbfc, {0x0, 0x0, 0x0, r5, {0x3}, {0xfffe, 0xfff3}, {0xd, 0xf}}, [@TCA_STAB={0x1ac, 0x8, 0x0, 0x1, [{{0x1c, 0x1, {0x0, 0x0, 0x40a, 0x7fff, 0x0, 0x3, 0x1, 0x1}}, {0x6, 0x2, [0x2]}}, {{0x1c, 0x1, {0x40, 0x4, 0x69, 0x3, 0x1, 0x45, 0x7, 0x8}}, {0x14, 0x2, [0x4, 0x400, 0x50, 0x5, 0x3, 0x7, 0x3, 0x42]}}, {{0x1c, 0x1, {0x4, 0x40, 0x5, 0x8, 0x0, 0x2, 0x7fffffff, 0x5}}, {0xe, 0x2, [0x6, 0x5, 0x6, 0x6, 0x5]}}, {{0x1c, 0x1, {0x5, 0x9, 0x8a, 0x0, 0x0, 0xcd, 0xfffffffc, 0x8}}, {0x14, 0x2, [0x9, 0x6, 0x2, 0x4, 0xf9, 0xde, 0x4, 0x4]}}, {{0x1c, 0x1, {0x0, 0x7f, 0x3, 0x38000, 0x2, 0x80000000, 0x7, 0x3}}, {0xa, 0x2, [0xfff9, 0x3, 0x4]}}, {{0x1c, 0x1, {0x8, 0x0, 0x2, 0x6c9, 0x0, 0x8, 0xfffff001, 0x4}}, {0xc, 0x2, [0x8, 0x2, 0x9, 0x4]}}, {{0x1c, 0x1, {0x7, 0x1, 0x7f, 0x2, 0x0, 0x9, 0x3, 0x4}}, {0xc, 0x2, [0x3, 0x6, 0xdb3, 0x1]}}, {{0x1c, 0x1, {0x4, 0x8, 0x0, 0x961d, 0x2, 0x7, 0x8, 0x9}}, {0x16, 0x2, [0x5, 0x0, 0x1, 0x4, 0x1, 0x7fff, 0x4, 0xffff, 0x101]}}, {{0x1c, 0x1, {0xfb, 0x7, 0x5, 0x80000000, 0x0, 0x2, 0x1, 0x1}}, {0x6, 0x2, [0x2]}}, {{0x1c, 0x1, {0x9f, 0x9, 0x7, 0x0, 0x0, 0x9, 0x1, 0x3}}, {0xa, 0x2, [0x8, 0x7fff, 0x0]}}]}, @qdisc_kind_options=@q_skbprio={{0xc}, {0x8, 0x2, 0x48}}, @TCA_RATE={0x6, 0x5, {0x1, 0x6}}, @TCA_EGRESS_BLOCK={0x8, 0xe, 0x2}]}, 0x1f4}, 0x1, 0x0, 0x0, 0x8000}, 0x4040864) (async) close(r2) (async) socket$netlink(0x10, 0x3, 0x0) (async) sendmsg$nl_route(0xffffffffffffffff, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000000)=ANY=[@ANYBLOB="4808000010001fff3a4ee9bfd5c3a3696c40af0b", @ANYRES32=0x0, @ANYBLOB="0000000000000000280012800a00010076786c616e"], 0x3}}, 0x0) (async) write$binfmt_misc(r1, &(0x7f0000000000), 0xfffffecc) (async) r6 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000001700), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r6, 0xc0285700, &(0x7f0000000080)={0x2, "d2c4924d5e89213dc64c3b6e6ff82a75e5318fca4288c2ffbdbec772020acd2c", 0xffffffffffffffff}) r8 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r8, 0xc0285700, &(0x7f00000002c0)={0x3, "421ae3753785259249154c944122ad063ff47d3bd7a8a45d6bb4c78a3ab4c981", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r7, 0xc0303e03, &(0x7f00000000c0)={"e50d1af889b4ea0700000000000000f3c49e4906eddfecd83634e4a37ef94add", r9, 0xffffffffffffffff}) dup3(r10, r6, 0x0) (async) ioctl$SYNC_IOC_MERGE(r10, 0xc0303e03, &(0x7f0000000040)={"0e949c816cdde22fa4886bbbdf822d206f9e430b5950ac4db58c00ace80b7659", r7}) (async) splice(r0, 0x0, r2, 0x0, 0x4ffe2, 0x0) 45.291775ms ago: executing program 0 (id=112): sendmsg$802154_dgram(0xffffffffffffffff, 0x0, 0x4008) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) (fail_nth: 3) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, 0x0, 0x0) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x1c) syz_emit_ethernet(0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getpeername(r1, 0x0, 0x0) 2.874777ms ago: executing program 0 (id=113): sendmsg$802154_dgram(0xffffffffffffffff, 0x0, 0x4008) r0 = bpf$PROG_LOAD_XDP(0x5, &(0x7f00000001c0)={0x6, 0x4, &(0x7f0000000000)=@framed={{0x18, 0x2}, [@call={0x85, 0x0, 0x0, 0xa0}]}, &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN_LIVE(0xa, &(0x7f0000000080)={r0, 0x0, 0x0, 0x0, 0x0, 0xffffffff00000000, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x50) setsockopt$inet_mreqsrc(0xffffffffffffffff, 0x0, 0x27, 0x0, 0x0) setsockopt$inet_msfilter(0xffffffffffffffff, 0x0, 0x29, 0x0, 0x1c) syz_emit_ethernet(0x0, 0x0, 0x0) setsockopt$inet_sctp6_SCTP_STREAM_SCHEDULER(0xffffffffffffffff, 0x84, 0x7b, 0x0, 0x0) r1 = socket$inet6_sctp(0xa, 0x1, 0x84) getpeername(r1, 0x0, 0x0) 0s ago: executing program 0 (id=114): openat$fb0(0xffffffffffffff9c, &(0x7f0000000000), 0x402, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) (async) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x1, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bce) syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) (async) r1 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) r2 = open(0x0, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) (async) read$msr(r1, &(0x7f0000019680)=""/102392, 0x18ff8) socket$key(0xf, 0x3, 0x2) sendmsg$key(0xffffffffffffffff, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) (async) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0) write$binfmt_misc(0xffffffffffffffff, &(0x7f0000000580), 0xd) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000100)=ANY=[@ANYBLOB="1e00000007000000471d00000000000000400000", @ANYRES32=r2, @ANYBLOB='\r\x00'/20, @ANYRES32=0x0, @ANYRES32, @ANYRES16], 0x50) bpf$MAP_UPDATE_BATCH(0x1a, &(0x7f0000000200)={0x0, 0x0, &(0x7f0000000140), &(0x7f00000005c0)="1c1d2873e6a640a30b12fc5f40e5252d383da1af08b0aa408fb2a54053288594f215fb8e57a62f23ea6e7b0c8e12ed08270600c7dcda43511614ca8daf50482b262694da87a6222a8f813348f87b942740fd44ef78c6c3ed054d2f9a3b55ace23d2d765b", 0x1000, r3}, 0x38) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) (async) r4 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000002cc0)={0x0, r4, 0x0, 0x4}, 0x18) r5 = socket$rxrpc(0x21, 0x2, 0xa) bind$rxrpc(r5, &(0x7f00000000c0)=@in4={0x21, 0x2, 0x2, 0x10, {0x2, 0x0, @broadcast}}, 0x24) bind$rxrpc(r5, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x0, 0x0, @private0}}, 0x24) (async) bind$rxrpc(r5, &(0x7f0000000000)=@in6={0x21, 0x2, 0x2, 0x1c, {0xa, 0x0, 0x0, @private0}}, 0x24) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) (async) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, 0x0}, 0x0) syz_genetlink_get_family_id$nl80211(&(0x7f0000000040), 0xffffffffffffffff) openat$vsock(0xffffff9c, 0x0, 0x0, 0x0) (async) r6 = openat$vsock(0xffffff9c, 0x0, 0x0, 0x0) close_range(r6, 0xffffffffffffffff, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) (async) socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp6_SCTP_DISABLE_FRAGMENTS(r6, 0x84, 0x8, 0x0, &(0x7f0000000300)) syz_genetlink_get_family_id$nl80211(&(0x7f0000007bc0), 0xffffffffffffffff) socket$nl_generic(0x10, 0x3, 0x10) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:41711' (ED25519) to the list of known hosts. [ 34.818948][ T5331] cgroup: Unknown subsys name 'net' [ 34.942113][ T5331] cgroup: Unknown subsys name 'cpuset' [ 34.945231][ T5331] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 35.768467][ T5331] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 38.473038][ T5344] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 38.492152][ T64] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 38.509461][ T5356] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 38.512053][ T5356] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 38.514103][ T5356] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 38.517038][ T5356] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 38.519464][ T5356] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 38.521919][ T5356] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 38.524342][ T5356] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 38.526627][ T5356] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 38.528680][ T5356] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 38.531941][ T5356] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 38.534209][ T5356] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 38.537601][ T5360] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 38.540487][ T5360] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 38.540916][ T5356] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 38.542476][ T5360] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 38.545730][ T5356] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 38.546714][ T5360] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 38.548830][ T5356] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 38.551303][ T5360] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 38.555043][ T5360] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 38.556796][ T5360] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 38.559947][ T5361] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 38.763682][ T5346] chnl_net:caif_netlink_parms(): no params data found [ 38.773587][ T5354] chnl_net:caif_netlink_parms(): no params data found [ 38.864534][ T5343] chnl_net:caif_netlink_parms(): no params data found [ 38.867735][ T5351] chnl_net:caif_netlink_parms(): no params data found [ 38.961045][ T5346] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.962938][ T5346] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.964951][ T5346] bridge_slave_0: entered allmulticast mode [ 38.966996][ T5346] bridge_slave_0: entered promiscuous mode [ 38.982435][ T5354] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.984938][ T5354] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.987509][ T5354] bridge_slave_0: entered allmulticast mode [ 38.991010][ T5354] bridge_slave_0: entered promiscuous mode [ 39.024391][ T5346] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.026278][ T5346] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.028154][ T5346] bridge_slave_1: entered allmulticast mode [ 39.030717][ T5346] bridge_slave_1: entered promiscuous mode [ 39.051078][ T5354] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.053026][ T5354] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.054999][ T5354] bridge_slave_1: entered allmulticast mode [ 39.056988][ T5354] bridge_slave_1: entered promiscuous mode [ 39.115844][ T5346] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.128998][ T5354] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.163295][ T5346] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.167162][ T5354] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.170503][ T5343] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.172853][ T5343] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.174701][ T5343] bridge_slave_0: entered allmulticast mode [ 39.176597][ T5343] bridge_slave_0: entered promiscuous mode [ 39.178947][ T5343] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.181097][ T5343] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.182986][ T5343] bridge_slave_1: entered allmulticast mode [ 39.184957][ T5343] bridge_slave_1: entered promiscuous mode [ 39.187381][ T5351] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.189255][ T5351] bridge0: port 1(bridge_slave_0) entered disabled state [ 39.193514][ T5351] bridge_slave_0: entered allmulticast mode [ 39.195990][ T5351] bridge_slave_0: entered promiscuous mode [ 39.248339][ T5351] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.250471][ T5351] bridge0: port 2(bridge_slave_1) entered disabled state [ 39.252358][ T5351] bridge_slave_1: entered allmulticast mode [ 39.254315][ T5351] bridge_slave_1: entered promiscuous mode [ 39.276575][ T5346] team0: Port device team_slave_0 added [ 39.280036][ T5346] team0: Port device team_slave_1 added [ 39.283085][ T5354] team0: Port device team_slave_0 added [ 39.285652][ T5343] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.321448][ T5354] team0: Port device team_slave_1 added [ 39.324120][ T5343] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.327703][ T5351] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 39.332569][ T5351] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 39.335250][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.337083][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.343906][ T5346] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.374571][ T5346] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.376422][ T5346] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.383236][ T5346] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.394631][ T5354] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.396491][ T5354] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.404009][ T5354] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.427244][ T5354] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.429147][ T5354] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.435848][ T5354] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.440808][ T5343] team0: Port device team_slave_0 added [ 39.443980][ T5351] team0: Port device team_slave_0 added [ 39.459817][ T5343] team0: Port device team_slave_1 added [ 39.462128][ T5351] team0: Port device team_slave_1 added [ 39.514577][ T5351] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.516348][ T5351] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.523541][ T5351] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.527064][ T5351] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.528880][ T5351] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.535640][ T5351] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.542860][ T5346] hsr_slave_0: entered promiscuous mode [ 39.546140][ T5346] hsr_slave_1: entered promiscuous mode [ 39.551121][ T5343] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 39.552947][ T5343] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.559543][ T5343] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 39.563695][ T5343] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 39.565514][ T5343] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 39.572289][ T5343] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 39.622387][ T5354] hsr_slave_0: entered promiscuous mode [ 39.625481][ T5354] hsr_slave_1: entered promiscuous mode [ 39.628859][ T5354] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.632265][ T5354] Cannot create hsr debugfs directory [ 39.685558][ T5343] hsr_slave_0: entered promiscuous mode [ 39.688010][ T5343] hsr_slave_1: entered promiscuous mode [ 39.690262][ T5343] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.692260][ T5343] Cannot create hsr debugfs directory [ 39.697392][ T5351] hsr_slave_0: entered promiscuous mode [ 39.699456][ T5351] hsr_slave_1: entered promiscuous mode [ 39.702152][ T5351] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 39.704082][ T5351] Cannot create hsr debugfs directory [ 39.917056][ T5346] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 39.922479][ T5346] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 39.926326][ T5346] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 39.930686][ T5346] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 39.955309][ T5354] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 39.960660][ T5354] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 39.972739][ T5354] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 39.976691][ T5354] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 40.004782][ T5351] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 40.008075][ T5351] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 40.011401][ T5351] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 40.014512][ T5351] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 40.048325][ T5343] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 40.052526][ T5343] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 40.056160][ T5343] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 40.061939][ T5343] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 40.094498][ T5346] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.102455][ T5354] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.111993][ T5346] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.124786][ T68] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.126754][ T68] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.130412][ T68] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.133078][ T68] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.139856][ T5354] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.147644][ T1101] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.149528][ T1101] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.165160][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.167092][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.191323][ T5343] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.211196][ T5351] 8021q: adding VLAN 0 to HW filter on device bond0 [ 40.219367][ T5343] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.228507][ T11] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.230458][ T11] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.234111][ T11] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.236019][ T11] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.241332][ T5351] 8021q: adding VLAN 0 to HW filter on device team0 [ 40.258895][ T42] bridge0: port 1(bridge_slave_0) entered blocking state [ 40.260920][ T42] bridge0: port 1(bridge_slave_0) entered forwarding state [ 40.264923][ T42] bridge0: port 2(bridge_slave_1) entered blocking state [ 40.266792][ T42] bridge0: port 2(bridge_slave_1) entered forwarding state [ 40.285357][ T5351] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 40.288971][ T5351] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 40.295052][ T5343] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 40.316559][ T5346] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.322018][ T5354] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.343599][ T5354] veth0_vlan: entered promiscuous mode [ 40.348851][ T5354] veth1_vlan: entered promiscuous mode [ 40.368763][ T5354] veth0_macvtap: entered promiscuous mode [ 40.375960][ T5354] veth1_macvtap: entered promiscuous mode [ 40.381878][ T5346] veth0_vlan: entered promiscuous mode [ 40.387478][ T5346] veth1_vlan: entered promiscuous mode [ 40.395633][ T5351] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.399271][ T5343] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 40.404148][ T5354] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.411450][ T5354] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.422985][ T5354] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.425952][ T5354] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.428814][ T5354] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.432582][ T5354] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.460871][ T5346] veth0_macvtap: entered promiscuous mode [ 40.464066][ T5351] veth0_vlan: entered promiscuous mode [ 40.473489][ T5346] veth1_macvtap: entered promiscuous mode [ 40.480148][ T5343] veth0_vlan: entered promiscuous mode [ 40.486417][ T5351] veth1_vlan: entered promiscuous mode [ 40.497759][ T1096] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.498324][ T5343] veth1_vlan: entered promiscuous mode [ 40.501972][ T1096] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.512947][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.515849][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.519017][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.524188][ T5346] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.526815][ T5346] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.530669][ T5346] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.541983][ T5351] veth0_macvtap: entered promiscuous mode [ 40.542324][ T11] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.545975][ T5346] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.546094][ T11] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.548312][ T5346] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.554527][ T5346] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.557551][ T5346] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.562977][ T5351] veth1_macvtap: entered promiscuous mode [ 40.573560][ T5343] veth0_macvtap: entered promiscuous mode [ 40.579015][ T5343] veth1_macvtap: entered promiscuous mode [ 40.587046][ T5351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.591378][ T5351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.594521][ T5351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.597866][ T5351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.605172][ T5351] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.619524][ T5354] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 40.622773][ T5351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.623576][ T4792] Bluetooth: hci3: command tx timeout [ 40.623972][ T5360] Bluetooth: hci0: command tx timeout [ 40.624190][ T5360] Bluetooth: hci2: command tx timeout [ 40.627959][ T5351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.630160][ T4792] Bluetooth: hci1: command tx timeout [ 40.638587][ T5351] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.643152][ T5351] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.647599][ T5351] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.652576][ T5351] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.654821][ T5351] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.657034][ T5351] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.659174][ T5351] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.680056][ T5343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.682804][ T5343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.685363][ T5343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.688135][ T5343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.691143][ T5343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 40.693929][ T5343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.697333][ T5343] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 40.739354][ T5343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.742834][ T5343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.745285][ T5343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.747888][ T5343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.750859][ T5343] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 40.753446][ T5343] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 40.756572][ T5343] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 40.759346][ T1101] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.762157][ T1101] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.765523][ T5343] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.767819][ T5343] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.770985][ T5343] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.773123][ T5343] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 40.794773][ T11] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.796761][ T11] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.823384][ T1096] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.825525][ T1096] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.837561][ T1096] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.839827][ T1096] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.850297][ T42] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.852348][ T42] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.869091][ T42] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 40.872653][ T42] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 40.913777][ T5416] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 41.067806][ T5422] netlink: 4 bytes leftover after parsing attributes in process `syz.3.6'. [ 42.700285][ T4792] Bluetooth: hci1: command tx timeout [ 42.700377][ T5360] Bluetooth: hci3: command tx timeout [ 42.701820][ T4792] Bluetooth: hci0: command tx timeout [ 42.703252][ T5360] Bluetooth: hci2: command tx timeout [ 43.959699][ T5422] syz.3.6 (5422) used greatest stack depth: 20752 bytes left [ 44.034168][ T5438] netlink: 'syz.3.9': attribute type 13 has an invalid length. [ 44.053640][ T5438] netlink: 152 bytes leftover after parsing attributes in process `syz.3.9'. [ 44.056930][ T5438] syz_tun: refused to change device tx_queue_len [ 44.058720][ T5438] A link change request failed with some changes committed already. Interface syz_tun may have been left with an inconsistent configuration, please check. [ 44.084616][ T5446] program syz.1.10 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 44.291959][ T68] Bluetooth: Error in BCSP hdr checksum [ 44.563004][ T11] Bluetooth: Error in BCSP hdr checksum [ 44.780505][ T4792] Bluetooth: hci0: command tx timeout [ 44.780542][ T5344] Bluetooth: hci3: command tx timeout [ 44.781994][ T5350] Bluetooth: hci1: command tx timeout [ 44.789788][ T5350] Bluetooth: hci2: command tx timeout [ 44.820162][ T42] Bluetooth: Error in BCSP hdr checksum [ 45.256869][ T5440] syz.1.10: page allocation failure: order:1, mode:0x10cc0(GFP_KERNEL|__GFP_NORETRY), nodemask=(null),cpuset=/,mems_allowed=0-1 [ 45.270396][ T5440] CPU: 0 UID: 0 PID: 5440 Comm: syz.1.10 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 45.273918][ T5440] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 45.277501][ T5440] Call Trace: [ 45.278630][ T5440] [ 45.279648][ T5440] dump_stack_lvl+0x16c/0x1f0 [ 45.281254][ T5440] warn_alloc+0x24d/0x3a0 [ 45.282719][ T5440] ? __pfx_warn_alloc+0x10/0x10 [ 45.284360][ T5440] ? psi_memstall_leave+0x17d/0x250 [ 45.286129][ T5440] ? __alloc_pages_direct_compact+0x1b1/0x590 [ 45.288174][ T5440] ? __pfx___alloc_pages_direct_compact+0x10/0x10 [ 45.290308][ T5440] ? psi_memstall_leave+0x17d/0x250 [ 45.292068][ T5440] __alloc_pages_noprof+0x15ae/0x25c0 [ 45.293864][ T5440] ? __pfx___alloc_pages_noprof+0x10/0x10 [ 45.295768][ T5440] ? __pfx___schedule+0x10/0x10 [ 45.297410][ T5440] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 45.299428][ T5440] ? policy_nodemask+0xea/0x4e0 [ 45.301072][ T5440] alloc_pages_mpol_noprof+0x2c9/0x610 [ 45.302900][ T5440] ? __pfx_alloc_pages_mpol_noprof+0x10/0x10 [ 45.304940][ T5440] ? lockdep_hardirqs_on+0x7c/0x110 [ 45.306689][ T5440] kimage_alloc_pages+0x75/0x300 [ 45.308380][ T5440] kimage_alloc_control_pages+0x148/0x8e0 [ 45.310288][ T5440] ? __pfx_kimage_alloc_control_pages+0x10/0x10 [ 45.312388][ T5440] do_kexec_load+0x38a/0x8c0 [ 45.313947][ T5440] ? __pfx_do_kexec_load+0x10/0x10 [ 45.315659][ T5440] __do_compat_sys_kexec_load+0x2cf/0x330 [ 45.317574][ T5440] ? __pfx___do_compat_sys_kexec_load+0x10/0x10 [ 45.319707][ T5440] __do_fast_syscall_32+0x73/0x120 [ 45.321454][ T5440] do_fast_syscall_32+0x32/0x80 [ 45.323094][ T5440] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 45.325227][ T5440] RIP: 0023:0xf7f73579 [ 45.326593][ T5440] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 45.332999][ T5440] RSP: 002b:00000000f56f656c EFLAGS: 00000296 ORIG_RAX: 000000000000011b [ 45.335852][ T5440] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 0000000000000001 [ 45.338505][ T5440] RDX: 00000000200012c0 RSI: 0000000000160000 RDI: 0000000000000000 [ 45.341151][ T5440] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 45.343790][ T5440] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 45.346441][ T5440] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 45.349107][ T5440] [ 45.352226][ T5440] Mem-Info: [ 45.353580][ T5440] active_anon:2218 inactive_anon:3 isolated_anon:0 [ 45.353580][ T5440] active_file:2713 inactive_file:8258 isolated_file:0 [ 45.353580][ T5440] unevictable:768 dirty:1588 writeback:0 [ 45.353580][ T5440] slab_reclaimable:4608 slab_unreclaimable:49267 [ 45.353580][ T5440] mapped:16363 shmem:865 pagetables:651 [ 45.353580][ T5440] sec_pagetables:302 bounce:0 [ 45.353580][ T5440] kernel_misc_reclaimable:0 [ 45.353580][ T5440] free:21434 free_pcp:611 free_cma:0 [ 45.366750][ T5440] Node 0 active_anon:4kB inactive_anon:8kB active_file:988kB inactive_file:2124kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:10560kB dirty:3064kB writeback:0kB shmem:1536kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:9384kB pagetables:1380kB sec_pagetables:1196kB all_unreclaimable? no [ 45.375074][ T5440] Node 1 active_anon:8868kB inactive_anon:4kB active_file:10040kB inactive_file:30032kB unevictable:1536kB isolated(anon):0kB isolated(file):0kB mapped:54892kB dirty:3288kB writeback:0kB shmem:1924kB shmem_thp:0kB shmem_pmdmapped:0kB anon_thp:0kB writeback_tmp:0kB kernel_stack:1848kB pagetables:1224kB sec_pagetables:12kB all_unreclaimable? no [ 45.386022][ T5440] Node 0 DMA free:732kB boost:0kB min:760kB low:948kB high:1136kB reserved_highatomic:0KB active_anon:0kB inactive_anon:0kB active_file:0kB inactive_file:0kB unevictable:0kB writepending:0kB present:15992kB managed:15360kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 45.395070][ T5440] lowmem_reserve[]: 0 273 0 0 0 [ 45.396459][ T5440] Node 0 DMA32 free:15476kB boost:0kB min:13904kB low:17380kB high:20856kB reserved_highatomic:2048KB active_anon:4kB inactive_anon:8kB active_file:464kB inactive_file:2640kB unevictable:1536kB writepending:3064kB present:1032196kB managed:306280kB mlocked:0kB bounce:0kB free_pcp:0kB local_pcp:0kB free_cma:0kB [ 45.406157][ T5440] lowmem_reserve[]: 0 0 0 0 0 [ 45.407452][ T5440] Node 1 DMA32 free:71544kB boost:0kB min:47144kB low:58928kB high:70712kB reserved_highatomic:0KB active_anon:8868kB inactive_anon:4kB active_file:10040kB inactive_file:30252kB unevictable:1536kB writepending:3288kB present:1048432kB managed:948252kB mlocked:0kB bounce:0kB free_pcp:1804kB local_pcp:924kB free_cma:0kB [ 45.418049][ T5440] lowmem_reserve[]: 0 0 0 0 0 [ 45.419456][ T5440] Node 0 DMA: 3*4kB (U) 2*8kB (U) 0*16kB 22*32kB (U) 0*64kB 0*128kB 0*256kB 0*512kB 0*1024kB 0*2048kB 0*4096kB = 732kB [ 45.422974][ T5440] Node 0 DMA32: 103*4kB (UM) 89*8kB (UMEH) 72*16kB (MEH) 83*32kB (MEH) 77*64kB (UMEH) 31*128kB (UME) 4*256kB (UM) 0*512kB 0*1024kB 0*2048kB 0*4096kB = 14852kB [ 45.428668][ T5440] Node 1 DMA32: 234*4kB (UME) 79*8kB (UME) 58*16kB (UME) 49*32kB (UME) 27*64kB (UME) 17*128kB (UME) 20*256kB (UM) 17*512kB (UM) 11*1024kB (M) 7*2048kB (M) 6*4096kB (M) = 71968kB [ 45.433648][ T5440] Node 0 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 45.436952][ T5440] Node 0 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 45.440237][ T5440] Node 1 hugepages_total=0 hugepages_free=0 hugepages_surp=0 hugepages_size=1048576kB [ 45.443488][ T5440] Node 1 hugepages_total=2 hugepages_free=2 hugepages_surp=0 hugepages_size=2048kB [ 45.446677][ T5440] 11929 total pagecache pages [ 45.448039][ T5440] 280 pages in swap cache [ 45.449234][ T5440] Free swap = 111280kB [ 45.450594][ T5440] Total swap = 124996kB [ 45.452186][ T5440] 524155 pages RAM [ 45.453282][ T5440] 0 pages HighMem/MovableOnly [ 45.454585][ T5440] 206682 pages reserved [ 45.455743][ T5440] 0 pages cma reserved [ 45.821782][ T5440] kexec: Could not allocate control_code_buffer [ 46.059869][ T5360] Bluetooth: hci5: Opcode 0x1003 failed: -110 [ 46.073325][ T5361] Bluetooth: hci4: Opcode 0x1003 failed: -110 [ 46.073801][ T5360] Bluetooth: hci4: command 0x1003 tx timeout [ 46.222491][ T5455] netlink: 4 bytes leftover after parsing attributes in process `syz.0.12'. [ 46.390178][ T5408] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 46.559940][ T5408] usb 6-1: Using ep0 maxpacket: 32 [ 46.564713][ T5408] usb 6-1: config 0 interface 0 altsetting 0 bulk endpoint 0x85 has invalid maxpacket 36 [ 46.569531][ T5408] usb 6-1: New USB device found, idVendor=14c8, idProduct=0003, bcdDevice= 5.6c [ 46.572315][ T5408] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 46.574450][ T5408] usb 6-1: Product: syz [ 46.575564][ T5408] usb 6-1: Manufacturer: syz [ 46.576788][ T5408] usb 6-1: SerialNumber: syz [ 46.580805][ T5408] usb 6-1: config 0 descriptor?? [ 46.584891][ T5452] raw-gadget.0 gadget.1: fail, usb_ep_enable returned -22 [ 46.592922][ T5408] hub 6-1:0.0: bad descriptor, ignoring hub [ 46.594815][ T5408] hub 6-1:0.0: probe with driver hub failed with error -5 [ 46.599701][ T5408] input: syz syz as /devices/platform/dummy_hcd.1/usb6/6-1/6-1:0.0/input/input6 [ 46.633544][ T5467] process 'syz.2.16' launched './file2' with NULL argv: empty string added [ 46.670545][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 46.860626][ T5361] Bluetooth: hci3: command tx timeout [ 46.860654][ T5360] Bluetooth: hci2: command tx timeout [ 46.862497][ T4792] Bluetooth: hci1: command tx timeout [ 46.863547][ T5344] Bluetooth: hci0: command tx timeout [ 47.029035][ C0] usbtouchscreen 6-1:0.0: usbtouch_irq - usb_submit_urb failed with result: -19 [ 47.029084][ T30] usb 6-1: USB disconnect, device number 2 [ 47.080274][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 47.093905][ T5473] netlink: 4 bytes leftover after parsing attributes in process `syz.0.17'. [ 47.287231][ T5485] netlink: 4 bytes leftover after parsing attributes in process `syz.3.18'. [ 47.781026][ T5495] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 48.049737][ T5349] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 48.180242][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 48.237205][ T5349] usb 6-1: Using ep0 maxpacket: 8 [ 48.241510][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 48.242717][ T5349] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 48.245711][ T5349] usb 6-1: can't read configurations, error -61 [ 48.404129][ T5349] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 48.595257][ T5349] usb 6-1: Using ep0 maxpacket: 8 [ 48.606760][ T5349] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 48.608793][ T5349] usb 6-1: can't read configurations, error -61 [ 48.624436][ T5349] usb usb6-port1: attempt power cycle [ 48.697864][ T5510] netlink: 4 bytes leftover after parsing attributes in process `syz.0.23'. [ 48.974570][ T5350] Bluetooth: hci2: command 0x0406 tx timeout [ 48.989697][ T5349] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 49.020329][ T5349] usb 6-1: Using ep0 maxpacket: 8 [ 49.024866][ T5349] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 49.026832][ T5349] usb 6-1: can't read configurations, error -61 [ 49.170056][ T5349] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 49.200148][ T5349] usb 6-1: Using ep0 maxpacket: 8 [ 49.203259][ T5349] usb 6-1: unable to read config index 0 descriptor/start: -61 [ 49.205248][ T5349] usb 6-1: can't read configurations, error -61 [ 49.207412][ T5349] usb usb6-port1: unable to enumerate USB device [ 50.129513][ T5514] netlink: 4 bytes leftover after parsing attributes in process `syz.2.25'. [ 50.602481][ T5527] netlink: 4 bytes leftover after parsing attributes in process `syz.2.27'. [ 52.083107][ T5542] Driver unsupported XDP return value 0 on prog (id 10) dev N/A, expect packet loss! [ 52.164023][ T5548] netlink: 4 bytes leftover after parsing attributes in process `syz.3.34'. [ 52.350380][ T5555] netlink: 4 bytes leftover after parsing attributes in process `syz.1.35'. [ 52.689747][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 53.099966][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 53.102650][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 53.104837][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 53.107028][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 53.109222][ T0] NOHZ tick-stop error: local softirq work is pending, handler #08!!! [ 53.354695][ T5570] Zero length message leads to an empty skb [ 53.411288][ T5570] netlink: 28 bytes leftover after parsing attributes in process `syz.3.38'. [ 54.570324][ T1997] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 54.571436][ T5600] netlink: 4 bytes leftover after parsing attributes in process `syz.0.47'. [ 55.258912][ T1997] usb 7-1: Using ep0 maxpacket: 32 [ 55.274084][ T1997] usb 7-1: descriptor type invalid, skip [ 55.278147][ T1997] usb 7-1: config 1 interface 0 altsetting 252 bulk endpoint 0x1 has invalid maxpacket 16 [ 55.281339][ T1997] usb 7-1: config 1 interface 0 has no altsetting 0 [ 55.287575][ T1997] usb 7-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 55.289926][ T1997] usb 7-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 55.291960][ T1997] usb 7-1: Product: syz [ 55.293031][ T1997] usb 7-1: Manufacturer: syz [ 55.294218][ T1997] usb 7-1: SerialNumber: syz [ 55.304757][ T5591] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 55.797042][ T5360] Bluetooth: hci3: command 0x0405 tx timeout [ 56.306662][ T1997] usb 7-1: USB disconnect, device number 2 [ 56.924253][ T5629] netlink: 4 bytes leftover after parsing attributes in process `syz.2.57'. [ 57.453212][ T5635] netlink: 4 bytes leftover after parsing attributes in process `syz.2.58'. [ 58.274849][ T5646] netlink: 4 bytes leftover after parsing attributes in process `syz.1.60'. [ 59.246044][ T5662] netlink: 28 bytes leftover after parsing attributes in process `syz.1.66'. [ 59.478006][ T5663] vivid-002: ================= START STATUS ================= [ 59.480416][ T5663] vivid-002: Radio HW Seek Mode: Bounded [ 59.483156][ T5663] vivid-002: Radio Programmable HW Seek: false [ 59.485622][ T5663] vivid-002: RDS Rx I/O Mode: Block I/O [ 59.487278][ T5663] vivid-002: Generate RBDS Instead of RDS: false [ 59.489374][ T5663] vivid-002: RDS Reception: true [ 59.491262][ T5663] vivid-002: RDS Program Type: 0 inactive [ 59.492821][ T5663] vivid-002: RDS PS Name: inactive [ 59.494210][ T5663] vivid-002: RDS Radio Text: inactive [ 59.495661][ T5663] vivid-002: RDS Traffic Announcement: false inactive [ 59.497452][ T5663] vivid-002: RDS Traffic Program: false inactive [ 59.499437][ T5663] vivid-002: RDS Music: false inactive [ 59.502433][ T5663] vivid-002: ================== END STATUS ================== [ 60.091454][ T5672] loop9: detected capacity change from 0 to 7 [ 60.094713][ T5672] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 60.096185][ T5672] loop9: partition table partially beyond EOD, truncated [ 60.098886][ T5672] loop9: p1 size 1139518251 extends beyond EOD, truncated [ 60.141894][ T5358] udevd[5358]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory [ 60.196373][ T5674] netlink: 4 bytes leftover after parsing attributes in process `syz.2.69'. [ 61.093230][ T5699] netlink: 4 bytes leftover after parsing attributes in process `syz.3.76'. [ 62.404108][ T5714] loop9: detected capacity change from 0 to 7 [ 62.406771][ T5714] loop9: [CUMANA/ADFS] p1 [ADFS] p1 [ 62.408220][ T5714] loop9: partition table partially beyond EOD, truncated [ 62.413913][ T5714] loop9: p1 size 1139518251 extends beyond EOD, truncated [ 62.427007][ T5358] udevd[5358]: inotify_add_watch(7, /dev/loop9p1, 10) failed: No such file or directory [ 62.647837][ T5721] Cannot find map_set index 0 as target [ 64.240697][ T5744] FAULT_INJECTION: forcing a failure. [ 64.240697][ T5744] name failslab, interval 1, probability 0, space 0, times 1 [ 64.244955][ T5744] CPU: 0 UID: 0 PID: 5744 Comm: syz.1.92 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 64.247711][ T5744] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 64.250481][ T5744] Call Trace: [ 64.251370][ T5744] [ 64.252177][ T5744] dump_stack_lvl+0x16c/0x1f0 [ 64.253438][ T5744] should_fail_ex+0x497/0x5b0 [ 64.254697][ T5744] ? fs_reclaim_acquire+0xae/0x160 [ 64.256322][ T5744] should_failslab+0xc2/0x120 [ 64.257575][ T5744] __kmalloc_noprof+0xcb/0x410 [ 64.258838][ T5744] ? bitmap_find_next_zero_area_off+0xb0/0xd0 [ 64.260465][ T5744] __vb2_queue_alloc+0x238/0x1230 [ 64.261803][ T5744] ? rcu_is_watching+0x12/0xc0 [ 64.263010][ T5744] ? trace_kmalloc+0x2d/0xe0 [ 64.264182][ T5744] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 64.265737][ T5744] vb2_core_reqbufs+0xa73/0xfb0 [ 64.267022][ T5744] ? __pfx_vb2_core_reqbufs+0x10/0x10 [ 64.268455][ T5744] ? __pfx___mutex_trylock_common+0x10/0x10 [ 64.270144][ T5744] ? rcu_is_watching+0x12/0xc0 [ 64.271831][ T5744] ? trace_contention_end+0xea/0x140 [ 64.273692][ T5744] vb2_reqbufs+0x1a5/0x1f0 [ 64.275255][ T5744] ? __video_do_ioctl+0x4a2/0xf00 [ 64.277027][ T5744] ? __pfx_vb2_reqbufs+0x10/0x10 [ 64.278345][ T5744] ? __pfx___mutex_lock+0x10/0x10 [ 64.279648][ T5744] ? find_held_lock+0x2d/0x110 [ 64.280938][ T5744] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 64.282464][ T5744] v4l2_m2m_ioctl_reqbufs+0xdc/0x1e0 [ 64.283877][ T5744] v4l_reqbufs+0x193/0x1d0 [ 64.285058][ T5744] __video_do_ioctl+0xaf0/0xf00 [ 64.286334][ T5744] ? __pfx___video_do_ioctl+0x10/0x10 [ 64.287780][ T5744] video_usercopy+0x426/0x1500 [ 64.289040][ T5744] ? __pfx___video_do_ioctl+0x10/0x10 [ 64.290448][ T5744] ? __pfx_video_usercopy+0x10/0x10 [ 64.291839][ T5744] v4l2_ioctl+0x1ba/0x250 [ 64.292993][ T5744] v4l2_compat_ioctl32+0x214/0x2c0 [ 64.294338][ T5744] ? __pfx_v4l2_compat_ioctl32+0x10/0x10 [ 64.295829][ T5744] __do_compat_sys_ioctl+0x259/0x2b0 [ 64.297214][ T5744] __do_fast_syscall_32+0x73/0x120 [ 64.298548][ T5744] do_fast_syscall_32+0x32/0x80 [ 64.299846][ T5744] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 64.301495][ T5744] RIP: 0023:0xf7f73579 [ 64.302568][ T5744] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 64.307539][ T5744] RSP: 002b:00000000f56d556c EFLAGS: 00000296 ORIG_RAX: 0000000000000036 [ 64.309704][ T5744] RAX: ffffffffffffffda RBX: 000000000000000b RCX: 00000000c0145608 [ 64.311759][ T5744] RDX: 0000000020000040 RSI: 0000000000000000 RDI: 0000000000000000 [ 64.313819][ T5744] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 64.315892][ T5744] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 64.317944][ T5744] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 64.320011][ T5744] [ 64.320917][ C0] vkms_vblank_simulate: vblank timer overrun [ 64.369362][ T5746] team0: invalid flags given to default FDB implementation [ 64.829711][ T73] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 65.021273][ T73] usb 8-1: Using ep0 maxpacket: 8 [ 65.028535][ T73] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 65.033698][ T73] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 2 [ 65.036990][ T73] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 100, changing to 10 [ 65.041904][ T73] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 24936, setting to 1024 [ 65.047868][ T73] usb 8-1: New USB device found, idVendor=0225, idProduct=0000, bcdDevice= 0.00 [ 65.061941][ T73] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 65.072162][ T73] hub 8-1:1.0: bad descriptor, ignoring hub [ 65.073735][ T5758] vivid-000: ================= START STATUS ================= [ 65.074761][ T73] hub 8-1:1.0: probe with driver hub failed with error -5 [ 65.075149][ T73] cdc_wdm 8-1:1.0: skipping garbage [ 65.077433][ T5758] vivid-000: Radio HW Seek Mode: Bounded [ 65.087239][ T5758] vivid-000: Radio Programmable HW Seek: false [ 65.089243][ T73] cdc_wdm 8-1:1.0: skipping garbage [ 65.089442][ T5758] vivid-000: RDS Rx I/O Mode: Block I/O [ 65.092585][ T73] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 65.093237][ T5758] vivid-000: Generate RBDS Instead of RDS: [ 65.094418][ T73] cdc_wdm 8-1:1.0: Unknown control protocol [ 65.098820][ T5758] false [ 65.099945][ T5758] vivid-000: RDS Reception: true [ 65.102046][ T5758] vivid-000: RDS Program Type: 0 inactive [ 65.105723][ T5758] vivid-000: RDS PS Name: inactive [ 65.107305][ T5758] vivid-000: RDS Radio Text: inactive [ 65.109250][ T5758] vivid-000: RDS Traffic Announcement: false inactive [ 65.111983][ T5758] vivid-000: RDS Traffic Program: false inactive [ 65.113648][ T5758] vivid-000: RDS Music: false inactive [ 65.115072][ T5758] vivid-000: ================== END STATUS ================== [ 65.733462][ C3] TCP: request_sock_subflow_v6: Possible SYN flooding on port [::]:20002. Sending cookies. [ 66.039872][ T5784] nbd2: detected capacity change from 0 to 12 [ 66.043189][ T5785] block nbd2: NBD_DISCONNECT [ 66.043990][ T5358] block nbd2: Send control failed (result -89) [ 66.046579][ T5358] block nbd2: Request send failed, requeueing [ 66.048790][ T5358] block nbd2: Disconnected due to user request. [ 66.052152][ T5785] block nbd2: Send disconnect failed -89 [ 66.055249][ T122] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 66.057846][ T122] Buffer I/O error on dev nbd2, logical block 0, async page read [ 66.061010][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 66.063521][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read [ 66.065848][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 66.068255][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read [ 66.070754][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 66.073254][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read [ 66.075477][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 66.077924][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read [ 66.080479][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 66.082893][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read [ 66.085044][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 66.087397][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read [ 66.089564][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 66.093018][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read [ 66.096035][ T5358] ldm_validate_partition_table(): Disk read failed. [ 66.097939][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 66.106985][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read [ 66.109878][ T5358] I/O error, dev nbd2, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 66.113630][ T5358] Buffer I/O error on dev nbd2, logical block 0, async page read [ 66.116784][ T5358] Dev nbd2: unable to read RDB block 0 [ 66.119005][ T5358] nbd2: unable to read partition table [ 66.121090][ T5358] nbd2: partition table beyond EOD, truncated [ 66.124254][ T5782] ldm_validate_partition_table(): Disk read failed. [ 66.126226][ T5782] Dev nbd2: unable to read RDB block 0 [ 66.127832][ T5782] nbd2: unable to read partition table [ 66.129365][ T5782] nbd2: partition table beyond EOD, truncated [ 66.132746][ T5358] ldm_validate_partition_table(): Disk read failed. [ 66.134762][ T5358] Dev nbd2: unable to read RDB block 0 [ 66.136418][ T5358] nbd2: unable to read partition table [ 66.138086][ T5358] nbd2: partition table beyond EOD, truncated [ 66.297653][ T5798] netlink: 'syz.0.109': attribute type 10 has an invalid length. [ 66.303576][ T5798] batman_adv: batadv0: Adding interface: team0 [ 66.305526][ T5798] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 66.314130][ T5798] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 66.336013][ T5798] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 66.402423][ T5800] ptrace attach of "/syz-executor exec"[5346] was attempted by "/syz-executor exec"[5800] [ 66.493827][ T5802] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 66.557998][ T5809] FAULT_INJECTION: forcing a failure. [ 66.557998][ T5809] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 66.561963][ T5809] CPU: 2 UID: 0 PID: 5809 Comm: syz.0.112 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 66.564627][ T5809] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 66.568130][ T5809] Call Trace: [ 66.569381][ T5809] [ 66.570490][ T5809] dump_stack_lvl+0x16c/0x1f0 [ 66.572251][ T5809] should_fail_ex+0x497/0x5b0 [ 66.574013][ T5809] _copy_from_user+0x30/0xf0 [ 66.575731][ T5809] bpf_test_init.isra.0+0xf1/0x150 [ 66.577088][ T5809] bpf_prog_test_run_xdp+0x4f0/0x1580 [ 66.578492][ T5809] ? lock_acquire+0x2f/0xb0 [ 66.579692][ T5809] ? __fget_files+0x40/0x3f0 [ 66.580899][ T5809] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 66.582416][ T5809] ? fput+0x30/0x390 [ 66.583449][ T5809] ? __bpf_prog_get+0xa0/0x290 [ 66.584734][ T5809] ? __pfx_bpf_prog_test_run_xdp+0x10/0x10 [ 66.586509][ T5809] __sys_bpf+0x1921/0x5780 [ 66.588187][ T5809] ? ksys_write+0x21e/0x260 [ 66.589877][ T5809] ? __pfx___sys_bpf+0x10/0x10 [ 66.591661][ T5809] ? vfs_write+0x14d/0x1140 [ 66.593382][ T5809] ? __mutex_unlock_slowpath+0x164/0x650 [ 66.596228][ T5809] ? fput+0x30/0x390 [ 66.597253][ T5809] ? ksys_write+0x1ad/0x260 [ 66.598441][ T5809] ? __pfx_ksys_write+0x10/0x10 [ 66.599732][ T5809] __ia32_sys_bpf+0x76/0xe0 [ 66.600930][ T5809] __do_fast_syscall_32+0x73/0x120 [ 66.602274][ T5809] do_fast_syscall_32+0x32/0x80 [ 66.603549][ T5809] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 66.605222][ T5809] RIP: 0023:0xf7f7f579 [ 66.606534][ T5809] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 66.613542][ T5809] RSP: 002b:00000000f570656c EFLAGS: 00000296 ORIG_RAX: 0000000000000165 [ 66.616549][ T5809] RAX: ffffffffffffffda RBX: 000000000000000a RCX: 0000000020000080 [ 66.618749][ T5809] RDX: 0000000000000050 RSI: 0000000000000000 RDI: 0000000000000000 [ 66.620673][ T5809] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 66.622733][ T5809] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 66.624768][ T5809] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 66.626844][ T5809] [ 67.038704][ C3] vxcan0: j1939_tp_rxtimer: 0xffff888000427800: rx timeout, send abort [ 67.041881][ C3] vxcan0: j1939_xtp_rx_abort_one: 0xffff888000427800: 0x20000: (3) A timeout occurred and this is the connection abort to close the session. [ 67.045668][ C3] ------------[ cut here ]------------ [ 67.047097][ C3] refcount_t: underflow; use-after-free. [ 67.048916][ C3] WARNING: CPU: 3 PID: 34 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210 [ 67.052241][ C3] Modules linked in: [ 67.053391][ C3] CPU: 3 UID: 0 PID: 34 Comm: ksoftirqd/3 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 67.057622][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.060475][ C3] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 67.062098][ C3] Code: ff 89 de e8 a8 2e 04 fd 84 db 0f 85 66 ff ff ff e8 bb 2c 04 fd c6 05 0a 14 7d 0b 01 90 48 c7 c7 60 d6 b0 8b e8 07 ac c5 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 98 2c 04 fd 0f b6 1d e5 13 7d 0b 31 [ 67.067073][ C3] RSP: 0018:ffffc900005c77c8 EFLAGS: 00010286 [ 67.068670][ C3] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff814e28b9 [ 67.070778][ C3] RDX: ffff88801bb7c880 RSI: ffffffff814e28c6 RDI: 0000000000000001 [ 67.072848][ C3] RBP: ffff88802ac160e4 R08: 0000000000000001 R09: 0000000000000000 [ 67.074906][ C3] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000002 [ 67.077002][ C3] R13: 0000000000000000 R14: ffff88802ac160e4 R15: 0000000000000001 [ 67.079055][ C3] FS: 0000000000000000(0000) GS:ffff88802b700000(0000) knlGS:0000000000000000 [ 67.081415][ C3] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 [ 67.083134][ C3] CR2: 0000000020028000 CR3: 0000000026246000 CR4: 0000000000352ef0 [ 67.085204][ C3] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 67.087243][ C3] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 67.089310][ C3] Call Trace: [ 67.090219][ C3] [ 67.090995][ C3] ? __warn+0xea/0x3d0 [ 67.092071][ C3] ? refcount_warn_saturate+0x14a/0x210 [ 67.093509][ C3] ? report_bug+0x3c0/0x580 [ 67.094697][ C3] ? handle_bug+0x54/0xa0 [ 67.095838][ C3] ? exc_invalid_op+0x17/0x50 [ 67.097066][ C3] ? asm_exc_invalid_op+0x1a/0x20 [ 67.098378][ C3] ? __warn_printk+0x199/0x350 [ 67.099676][ C3] ? __warn_printk+0x1a6/0x350 [ 67.101194][ C3] ? refcount_warn_saturate+0x14a/0x210 [ 67.102630][ C3] ? refcount_warn_saturate+0x149/0x210 [ 67.104070][ C3] sk_skb_reason_drop+0x183/0x1a0 [ 67.105375][ C3] j1939_session_destroy+0x163/0x460 [ 67.106752][ C3] j1939_xtp_rx_abort_one+0x3f9/0x560 [ 67.108162][ C3] j1939_tp_recv+0xcf8/0xf50 [ 67.109367][ C3] j1939_can_recv+0x78f/0xa50 [ 67.110628][ C3] ? __pfx_j1939_can_recv+0x10/0x10 [ 67.111989][ C3] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 67.113436][ C3] ? rcu_is_watching+0x12/0xc0 [ 67.114687][ C3] ? trace_lock_acquire+0x14a/0x1d0 [ 67.116040][ C3] ? __pfx_j1939_can_recv+0x10/0x10 [ 67.118189][ C3] can_rcv_filter+0x2a8/0x900 [ 67.119386][ C3] can_receive+0x320/0x5c0 [ 67.120578][ C3] ? __pfx_can_rcv+0x10/0x10 [ 67.121795][ C3] can_rcv+0x1e2/0x280 [ 67.122862][ C3] __netif_receive_skb_one_core+0x1b1/0x1e0 [ 67.124464][ C3] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 67.126135][ C3] ? trace_lock_acquire+0x14a/0x1d0 [ 67.127540][ C3] ? process_backlog+0x3f1/0x15f0 [ 67.128863][ C3] ? process_backlog+0x3f1/0x15f0 [ 67.130228][ C3] __netif_receive_skb+0x1d/0x160 [ 67.131545][ C3] process_backlog+0x443/0x15f0 [ 67.132831][ C3] __napi_poll.constprop.0+0xb7/0x550 [ 67.134229][ C3] net_rx_action+0xa92/0x1010 [ 67.135474][ C3] ? __pfx_net_rx_action+0x10/0x10 [ 67.136816][ C3] ? __switch_to+0x749/0x1180 [ 67.138052][ C3] ? kvm_sched_clock_read+0x11/0x20 [ 67.139405][ C3] ? sched_clock+0x38/0x60 [ 67.140620][ C3] ? sched_clock_cpu+0x6d/0x4d0 [ 67.141909][ C3] handle_softirqs+0x213/0x8f0 [ 67.143157][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 67.144545][ C3] ? rcu_is_watching+0x12/0xc0 [ 67.145799][ C3] ? __pfx_run_ksoftirqd+0x10/0x10 [ 67.147128][ C3] ? smpboot_thread_fn+0x59d/0xa30 [ 67.148483][ C3] run_ksoftirqd+0x3a/0x60 [ 67.149713][ C3] smpboot_thread_fn+0x661/0xa30 [ 67.151009][ C3] ? __kthread_parkme+0x148/0x220 [ 67.152328][ C3] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 67.153743][ C3] kthread+0x2c1/0x3a0 [ 67.154807][ C3] ? _raw_spin_unlock_irq+0x23/0x50 [ 67.156168][ C3] ? __pfx_kthread+0x10/0x10 [ 67.157380][ C3] ret_from_fork+0x45/0x80 [ 67.158550][ C3] ? __pfx_kthread+0x10/0x10 [ 67.159821][ C3] ret_from_fork_asm+0x1a/0x30 [ 67.161081][ C3] [ 67.161908][ C3] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 67.163804][ C3] CPU: 3 UID: 0 PID: 34 Comm: ksoftirqd/3 Not tainted 6.12.0-rc1-syzkaller-00306-g27cc6fdf7201 #0 [ 67.166516][ C3] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 67.169299][ C3] Call Trace: [ 67.170211][ C3] [ 67.170993][ C3] dump_stack_lvl+0x3d/0x1f0 [ 67.172222][ C3] panic+0x71d/0x800 [ 67.173256][ C3] ? __pfx_panic+0x10/0x10 [ 67.174447][ C3] ? show_trace_log_lvl+0x29d/0x3d0 [ 67.175830][ C3] ? check_panic_on_warn+0x1f/0xb0 [ 67.177172][ C3] ? refcount_warn_saturate+0x14a/0x210 [ 67.178621][ C3] check_panic_on_warn+0xab/0xb0 [ 67.179927][ C3] __warn+0xf6/0x3d0 [ 67.180964][ C3] ? refcount_warn_saturate+0x14a/0x210 [ 67.182870][ C3] report_bug+0x3c0/0x580 [ 67.184030][ C3] handle_bug+0x54/0xa0 [ 67.185138][ C3] exc_invalid_op+0x17/0x50 [ 67.186338][ C3] asm_exc_invalid_op+0x1a/0x20 [ 67.187638][ C3] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 67.189254][ C3] Code: ff 89 de e8 a8 2e 04 fd 84 db 0f 85 66 ff ff ff e8 bb 2c 04 fd c6 05 0a 14 7d 0b 01 90 48 c7 c7 60 d6 b0 8b e8 07 ac c5 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 98 2c 04 fd 0f b6 1d e5 13 7d 0b 31 [ 67.194253][ C3] RSP: 0018:ffffc900005c77c8 EFLAGS: 00010286 [ 67.195854][ C3] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffffff814e28b9 [ 67.197930][ C3] RDX: ffff88801bb7c880 RSI: ffffffff814e28c6 RDI: 0000000000000001 [ 67.199984][ C3] RBP: ffff88802ac160e4 R08: 0000000000000001 R09: 0000000000000000 [ 67.202006][ C3] R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000002 [ 67.204027][ C3] R13: 0000000000000000 R14: ffff88802ac160e4 R15: 0000000000000001 [ 67.206103][ C3] ? __warn_printk+0x199/0x350 [ 67.207372][ C3] ? __warn_printk+0x1a6/0x350 [ 67.208647][ C3] ? refcount_warn_saturate+0x149/0x210 [ 67.210090][ C3] sk_skb_reason_drop+0x183/0x1a0 [ 67.211416][ C3] j1939_session_destroy+0x163/0x460 [ 67.212816][ C3] j1939_xtp_rx_abort_one+0x3f9/0x560 [ 67.214220][ C3] j1939_tp_recv+0xcf8/0xf50 [ 67.215438][ C3] j1939_can_recv+0x78f/0xa50 [ 67.216683][ C3] ? __pfx_j1939_can_recv+0x10/0x10 [ 67.218043][ C3] ? __pfx_lock_acquire.part.0+0x10/0x10 [ 67.219514][ C3] ? rcu_is_watching+0x12/0xc0 [ 67.220776][ C3] ? trace_lock_acquire+0x14a/0x1d0 [ 67.222187][ C3] ? __pfx_j1939_can_recv+0x10/0x10 [ 67.223549][ C3] can_rcv_filter+0x2a8/0x900 [ 67.224803][ C3] can_receive+0x320/0x5c0 [ 67.225978][ C3] ? __pfx_can_rcv+0x10/0x10 [ 67.227214][ C3] can_rcv+0x1e2/0x280 [ 67.228320][ C3] __netif_receive_skb_one_core+0x1b1/0x1e0 [ 67.229896][ C3] ? __pfx___netif_receive_skb_one_core+0x10/0x10 [ 67.231580][ C3] ? trace_lock_acquire+0x14a/0x1d0 [ 67.232945][ C3] ? process_backlog+0x3f1/0x15f0 [ 67.234265][ C3] ? process_backlog+0x3f1/0x15f0 [ 67.235588][ C3] __netif_receive_skb+0x1d/0x160 [ 67.236915][ C3] process_backlog+0x443/0x15f0 [ 67.238205][ C3] __napi_poll.constprop.0+0xb7/0x550 [ 67.239618][ C3] net_rx_action+0xa92/0x1010 [ 67.240876][ C3] ? __pfx_net_rx_action+0x10/0x10 [ 67.242217][ C3] ? __switch_to+0x749/0x1180 [ 67.243458][ C3] ? kvm_sched_clock_read+0x11/0x20 [ 67.244843][ C3] ? sched_clock+0x38/0x60 [ 67.245984][ C3] ? sched_clock_cpu+0x6d/0x4d0 [ 67.247752][ C3] handle_softirqs+0x213/0x8f0 [ 67.249019][ C3] ? __pfx_handle_softirqs+0x10/0x10 [ 67.250411][ C3] ? rcu_is_watching+0x12/0xc0 [ 67.251679][ C3] ? __pfx_run_ksoftirqd+0x10/0x10 [ 67.253022][ C3] ? smpboot_thread_fn+0x59d/0xa30 [ 67.254367][ C3] run_ksoftirqd+0x3a/0x60 [ 67.255544][ C3] smpboot_thread_fn+0x661/0xa30 [ 67.256878][ C3] ? __kthread_parkme+0x148/0x220 [ 67.258195][ C3] ? __pfx_smpboot_thread_fn+0x10/0x10 [ 67.259620][ C3] kthread+0x2c1/0x3a0 [ 67.260712][ C3] ? _raw_spin_unlock_irq+0x23/0x50 [ 67.262078][ C3] ? __pfx_kthread+0x10/0x10 [ 67.263298][ C3] ret_from_fork+0x45/0x80 [ 67.264481][ C3] ? __pfx_kthread+0x10/0x10 [ 67.265715][ C3] ret_from_fork_asm+0x1a/0x30 [ 67.266981][ C3] [ 67.268365][ C3] Kernel Offset: disabled [ 67.269522][ C3] Rebooting in 86400 seconds.. VM DIAGNOSIS: 10:28:42 Registers: info registers vcpu 0 CPU#0 RAX=00000002000008fb RBX=0000000000000001 RCX=0000000000000830 RDX=0000000000000002 RSI=00000000000000fb RDI=0000000000000002 RBP=0000000000000001 RSP=ffffc90000007e20 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=ffffffff815f48be R12=0000000000000001 R13=0000000000000000 R14=ffff88802b53ee80 R15=ffff8880121f8401 RIP=ffffffff813ba068 RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020027000 CR3=000000005d60e000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000006000000000 0000000100000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000006000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ffff7fffffffffff RBX=0000000000000001 RCX=ffffffff8179a4f7 RDX=0000000000000000 RSI=0000000000000008 RDI=ffffffff901cce88 RBP=0000000f95ef5700 RSP=ffffc90000477bb8 R8 =0000000000000000 R9 =0000000000000007 R10=ffffffff901cce8f R11=0000000000000000 R12=00000000ffffa493 R13=0000000000000000 R14=0000000000000001 R15=00000000ffffa493 RIP=ffffffff81ede989 RFL=00000087 [--S--PC] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000000002000e000 CR3=0000000029358000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 2e7a7973f73abff4 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 f700585858585858 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff 0f0e0d0c0b0a0908 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=ffffea0001312980 RCX=ffffffff81e4ccdc RDX=ffff888022134880 RSI=ffffffff81e4ccea RDI=0000000000000007 RBP=0000000000000000 RSP=ffffc9000346f790 R8 =0000000000000007 R9 =0000000000000000 R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000000 R14=ffff888021ad9000 R15=ffffea0001312980 RIP=ffffffff818ca7cc RFL=00000293 [--S-A-C] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007fc2f8323d00 ffffffff 00c00000 GS =0000 ffff88802b600000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=000055b84ce0b000 CR3=000000002ac5c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000008082082 Opmask01=0000000000000000 Opmask02=00000000dfff7fff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 2525252525252525 2525252525252525 2525252525252525 2525252525252525 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 0054454955510029 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 554245440045534f 4252455600524f52 5245004c41544146 005445495551000c ZMM20=0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 0000000000000000 0000000000000004 ZMM21=2691f4202691f420 2691f4202691f420 2691f4202691f420 2691f4202691f420 2691f4202691f420 2691f4202691f420 2691f4202691f420 2691f4202691f420 ZMM22=013f123a013f123a 013f123a013f123a 013f123a013f123a 013f123a013f123a 013f123a013f123a 013f123a013f123a 013f123a013f123a 013f123a013f123a ZMM23=49d526b549d526b5 49d526b549d526b5 49d526b549d526b5 49d526b549d526b5 49d526b549d526b5 49d526b549d526b5 49d526b549d526b5 49d526b549d526b5 ZMM24=c357aeabc357aeab c357aeabc357aeab c357aeabc357aeab c357aeabc357aeab c357aeabc357aeab c357aeabc357aeab c357aeabc357aeab c357aeabc357aeab ZMM25=5db6934b5db6934b 5db6934b5db6934b 5db6934b5db6934b 5db6934b5db6934b 5db6934b5db6934b 5db6934b5db6934b 5db6934b5db6934b 5db6934b5db6934b ZMM26=df788ba3df788ba3 df788ba3df788ba3 df788ba3df788ba3 df788ba3df788ba3 df788ba3df788ba3 df788ba3df788ba3 df788ba3df788ba3 df788ba3df788ba3 ZMM27=cad2ef55cad2ef55 cad2ef55cad2ef55 cad2ef55cad2ef55 cad2ef55cad2ef55 cad2ef55cad2ef55 cad2ef55cad2ef55 cad2ef55cad2ef55 cad2ef55cad2ef55 ZMM28=000001400000013f 0000013e0000013d 0000013c0000013b 0000013a00000139 0000013800000137 0000013600000135 0000013400000133 0000013200000131 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=9702000097020000 9702000097020000 9702000097020000 9702000097020000 9702000097020000 9702000097020000 9702000097020000 9702000097020000 info registers vcpu 3 CPU#3 RAX=0000000000000032 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85034e45 RDI=ffffffff9a63a220 RBP=ffffffff9a63a1e0 RSP=ffffc900005c7128 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000032 R14=ffffffff85034de0 R15=0000000000000000 RIP=ffffffff85034e6f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000020028000 CR3=0000000026246000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000