last executing test programs: 12m7.950981572s ago: executing program 2 (id=94): close(0x3) r0 = bpf$MAP_CREATE(0x0, &(0x7f00000003c0)=@base={0x6, 0x4, 0xcc, 0xc}, 0x50) close(0x3) bpf$MAP_CREATE(0x0, &(0x7f00000008c0)=ANY=[@ANYBLOB="0a00000002000000ff0f000007"], 0x48) r1 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000}, 0x48) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x15, &(0x7f0000000280)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r1, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000080850000008200000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x90) bpf$BPF_GET_PROG_INFO(0xa, &(0x7f00000021c0)={r2, 0x0, 0x0}, 0x10) 12m7.91936363s ago: executing program 2 (id=95): io_uring_setup(0x8db, &(0x7f0000000100)={0x0, 0x4, 0x1000, 0x1, 0x19f}) r0 = openat$kvm(0xffffff9c, &(0x7f00000000c0), 0x800, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000200)={[0x0, 0x1, 0xfffffffffffffffd, 0x0, 0x10003, 0xfffffffffffffffd, 0x4002004c4, 0x2a6f, 0x80, 0x8000000000000001, 0xa4a4, 0x5, 0x1, 0x800, 0xfffffffffffffffc], 0x80a0000, 0x2025c0}) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_RUN(r2, 0xae80, 0x0) 12m7.713257436s ago: executing program 2 (id=100): r0 = socket$nl_generic(0x10, 0x3, 0x10) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000480)={'wlan0\x00', 0x0}) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) sendmsg$NL80211_CMD_REMAIN_ON_CHANNEL(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000100)={&(0x7f00000004c0)=ANY=[@ANYBLOB=',\x00\x00\x00', @ANYRES16=r2, @ANYBLOB="010000000000000000003700000008000300", @ANYRES32=r1, @ANYBLOB="08002600901500000800570080"], 0x2c}}, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r3, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_INTERFACE(r3, &(0x7f0000000100)={0x0, 0x0, &(0x7f0000000140)={&(0x7f00000002c0)={0x24, r4, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r5}, @void}}, [@NL80211_ATTR_IFTYPE={0x8, 0x5, 0x2}]}, 0x24}}, 0x0) 12m7.521744961s ago: executing program 2 (id=101): mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, 0x0) setpgid(0x0, r0) mount$tmpfs(0x0, &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1000810, 0x0) 12m7.521493844s ago: executing program 2 (id=102): openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x20000000) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) socket$inet6_sctp(0xa, 0x4, 0x84) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r1, &(0x7f0000000840)=[{0x0}], 0x1) r2 = socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000040)='a,\x00') r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r2) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x8ab43, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(r5, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f0000000100)=0x3) ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f00000001c0)={"c718ae3ddd25e4c2826499cb6a055b56a5a7336f377a556f824db28eb6743cf045afd0e932534b9eb3b847abbcef63c85319991745999ed89ff49783a84d57cf175a89f8733d74a1bdddcb0a6c3f7535e7976e79da1b52de6403f6710d606fafaf685ec19f369b7829b12aa2b8cd2ab52f9c688683979cdb9516cb61f2adb9aefd44fee30bddb81ebefa818f31f60d89a4e390920c7ed0e2512fd59f719e734b0a1d1f3ff7babb54258a1585514aac0b000000733671e0543929c06f72fc598939003ac6777f3497523536fd25ac4f1e265f5038fa7455f2cc6131d4a189a16b0f0b89e6a495e1d95b840c36488adc22cb2d1b8af57f6dce7214152ba1b3c0d3ad0a6db821518e44b24cb36a02d76ea11a1c45879fc77e7bb2af8c345ddddf49f41228df2114f2c27d16499fa36097a5015ad61a6a9484c09e0a2dfb50f7b7ca71135dc32804a80380a6e20e0ae03be775e472cd31d6a31e615937c38e746a5cf6c9d8194242990dd497a2c52ab50300000000000000cebbd983c3f86dbe92c4b751c04693cb09af88521ab305ceabf6d2bab40bb1b219fbe95ace2f6c49fea798e76b4ef336dff5ac0f7ab022b800ac1aa42fd231b52465a410177ed85dcc9c6d794e2aa0b90cdc409541aa85fa16e3cbc3a9d6c83ffd4d01e5ba898555eeffccf0cb28ce5df0ba31cb793675276162de2fdcb486455bca57edf4fb14e1533554eb22527d66a28a960c430f6136927f54e670c46292454fe28485f35405025844fd24fe846f6656c77d9b5f2b4750ac4805897b02c85caba80000bb96f71f468c9e746d860238b3b113ab1eef51e1507f8832d5d69528083d44548e491477cda51d7e083a134097438e9d7ea34eae8a2e6b516327db9310c7478a37f5c562037196131cc7c84fa29c3c2576f2ae7570b5a98aaa49ca7ddfd5a8c046ce82e4a2d06082ad7a3ab0dfbe208630b1410b674781855752c9c57c1c5ab0a74a336ce89b3a9c0d37a3ca4e698a798a85faf7f4f1dc020b7dd5750062c9810c4bc1ad7afe338f2b0f29059e684fe16098eb30da105be01ca11a293635dfc6d25ecc770ba72792fd3c6851d951b770d0f9edafb1cb4241350d85b04ed737a9bfd7e8301c43b65a95dda76d6850860ba3195040b14c8ad1a8b52472785521147182352a1dbd93595cbc26e813ccd75e16f9247fe82ed150c121f0041022522ec76476f0a9cffa3be1d3ffffffffffffffff29358bbfd8b7a12fe94a0355beb9420eee0a5c11220100c782b89e9430de84b220e8c0df4bd40be3400c58f149319f891fe86fba751dab3326bf2deb9e782b37ec9c7adf36025a091a4b3600000000000000000000000000000000000000000000000000000000000000000600"}) ioctl$KVM_RUN(r6, 0xae80, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00', @ANYRES16=r3, @ANYBLOB, @ANYRES64=r2], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) syz_io_uring_setup(0xd38, &(0x7f0000000280)={0x0, 0x7732, 0x80, 0x1, 0x350}, &(0x7f00000000c0)=0x0, &(0x7f0000000440)=0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r7, r8, 0x0) 12m7.061508722s ago: executing program 2 (id=111): openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x20000000) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) socket$inet6_sctp(0xa, 0x4, 0x84) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r1, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000040)='a,\x00') r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r2) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x8ab43, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(r5, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f0000000100)=0x3) ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f00000001c0)={"c718ae3ddd25e4c2826499cb6a055b56a5a7336f377a556f824db28eb6743cf045afd0e932534b9eb3b847abbcef63c85319991745999ed89ff49783a84d57cf175a89f8733d74a1bdddcb0a6c3f7535e7976e79da1b52de6403f6710d606fafaf685ec19f369b7829b12aa2b8cd2ab52f9c688683979cdb9516cb61f2adb9aefd44fee30bddb81ebefa818f31f60d89a4e390920c7ed0e2512fd59f719e734b0a1d1f3ff7babb54258a1585514aac0b000000733671e0543929c06f72fc598939003ac6777f3497523536fd25ac4f1e265f5038fa7455f2cc6131d4a189a16b0f0b89e6a495e1d95b840c36488adc22cb2d1b8af57f6dce7214152ba1b3c0d3ad0a6db821518e44b24cb36a02d76ea11a1c45879fc77e7bb2af8c345ddddf49f41228df2114f2c27d16499fa36097a5015ad61a6a9484c09e0a2dfb50f7b7ca71135dc32804a80380a6e20e0ae03be775e472cd31d6a31e615937c38e746a5cf6c9d8194242990dd497a2c52ab50300000000000000cebbd983c3f86dbe92c4b751c04693cb09af88521ab305ceabf6d2bab40bb1b219fbe95ace2f6c49fea798e76b4ef336dff5ac0f7ab022b800ac1aa42fd231b52465a410177ed85dcc9c6d794e2aa0b90cdc409541aa85fa16e3cbc3a9d6c83ffd4d01e5ba898555eeffccf0cb28ce5df0ba31cb793675276162de2fdcb486455bca57edf4fb14e1533554eb22527d66a28a960c430f6136927f54e670c46292454fe28485f35405025844fd24fe846f6656c77d9b5f2b4750ac4805897b02c85caba80000bb96f71f468c9e746d860238b3b113ab1eef51e1507f8832d5d69528083d44548e491477cda51d7e083a134097438e9d7ea34eae8a2e6b516327db9310c7478a37f5c562037196131cc7c84fa29c3c2576f2ae7570b5a98aaa49ca7ddfd5a8c046ce82e4a2d06082ad7a3ab0dfbe208630b1410b674781855752c9c57c1c5ab0a74a336ce89b3a9c0d37a3ca4e698a798a85faf7f4f1dc020b7dd5750062c9810c4bc1ad7afe338f2b0f29059e684fe16098eb30da105be01ca11a293635dfc6d25ecc770ba72792fd3c6851d951b770d0f9edafb1cb4241350d85b04ed737a9bfd7e8301c43b65a95dda76d6850860ba3195040b14c8ad1a8b52472785521147182352a1dbd93595cbc26e813ccd75e16f9247fe82ed150c121f0041022522ec76476f0a9cffa3be1d3ffffffffffffffff29358bbfd8b7a12fe94a0355beb9420eee0a5c11220100c782b89e9430de84b220e8c0df4bd40be3400c58f149319f891fe86fba751dab3326bf2deb9e782b37ec9c7adf36025a091a4b3600000000000000000000000000000000000000000000000000000000000000000600"}) ioctl$KVM_RUN(r6, 0xae80, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00', @ANYRES16=r3, @ANYBLOB, @ANYRES64=r2], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) syz_io_uring_setup(0xd38, &(0x7f0000000280)={0x0, 0x7732, 0x80, 0x1, 0x350}, &(0x7f00000000c0)=0x0, &(0x7f0000000440)=0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r7, r8, 0x0) 12m6.935529866s ago: executing program 32 (id=111): openat(0xffffffffffffff9c, &(0x7f0000000380)='./cgroup.cpu/cgroup.procs\x00', 0x0, 0x0) openat$sequencer2(0xffffffffffffff9c, &(0x7f00000005c0), 0x0, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000380)={0x8, 0x100008b}, 0x0) sendmsg$ETHTOOL_MSG_FEATURES_SET(0xffffffffffffffff, 0x0, 0x20000000) sched_setscheduler(0x0, 0x1, &(0x7f0000000000)=0x7) socket$inet6_sctp(0xa, 0x4, 0x84) r0 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000240)=ANY=[], 0x7c}, 0x1, 0x0, 0x0, 0x4000}, 0x4000000) sendmsg$NFT_BATCH(r0, &(0x7f0000009b40)={0x0, 0x0, &(0x7f0000009b00)={0x0}, 0x1, 0x0, 0x0, 0x4000850}, 0x24000840) r1 = syz_open_dev$sndmidi(&(0x7f00000004c0), 0x2, 0x143102) writev(r1, 0x0, 0x0) r2 = socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SET_VMA(0x53564d41, 0x0, &(0x7f0000ffc000/0x4000)=nil, 0x4000, &(0x7f0000000040)='a,\x00') r3 = syz_genetlink_get_family_id$ethtool(&(0x7f00000000c0), r2) r4 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000180), 0x8ab43, 0x0) r5 = ioctl$KVM_CREATE_VM(r4, 0xae01, 0x0) ioctl$KVM_CAP_EXIT_HYPERCALL(r5, 0x4068aea3, &(0x7f0000000040)={0x79, 0x0, 0xc}) r6 = ioctl$KVM_CREATE_VCPU(r5, 0xae41, 0x2) ioctl$KVM_SET_MP_STATE(r6, 0x4004ae99, &(0x7f0000000100)=0x3) ioctl$KVM_SET_LAPIC(r6, 0x4400ae8f, &(0x7f00000001c0)={"c718ae3ddd25e4c2826499cb6a055b56a5a7336f377a556f824db28eb6743cf045afd0e932534b9eb3b847abbcef63c85319991745999ed89ff49783a84d57cf175a89f8733d74a1bdddcb0a6c3f7535e7976e79da1b52de6403f6710d606fafaf685ec19f369b7829b12aa2b8cd2ab52f9c688683979cdb9516cb61f2adb9aefd44fee30bddb81ebefa818f31f60d89a4e390920c7ed0e2512fd59f719e734b0a1d1f3ff7babb54258a1585514aac0b000000733671e0543929c06f72fc598939003ac6777f3497523536fd25ac4f1e265f5038fa7455f2cc6131d4a189a16b0f0b89e6a495e1d95b840c36488adc22cb2d1b8af57f6dce7214152ba1b3c0d3ad0a6db821518e44b24cb36a02d76ea11a1c45879fc77e7bb2af8c345ddddf49f41228df2114f2c27d16499fa36097a5015ad61a6a9484c09e0a2dfb50f7b7ca71135dc32804a80380a6e20e0ae03be775e472cd31d6a31e615937c38e746a5cf6c9d8194242990dd497a2c52ab50300000000000000cebbd983c3f86dbe92c4b751c04693cb09af88521ab305ceabf6d2bab40bb1b219fbe95ace2f6c49fea798e76b4ef336dff5ac0f7ab022b800ac1aa42fd231b52465a410177ed85dcc9c6d794e2aa0b90cdc409541aa85fa16e3cbc3a9d6c83ffd4d01e5ba898555eeffccf0cb28ce5df0ba31cb793675276162de2fdcb486455bca57edf4fb14e1533554eb22527d66a28a960c430f6136927f54e670c46292454fe28485f35405025844fd24fe846f6656c77d9b5f2b4750ac4805897b02c85caba80000bb96f71f468c9e746d860238b3b113ab1eef51e1507f8832d5d69528083d44548e491477cda51d7e083a134097438e9d7ea34eae8a2e6b516327db9310c7478a37f5c562037196131cc7c84fa29c3c2576f2ae7570b5a98aaa49ca7ddfd5a8c046ce82e4a2d06082ad7a3ab0dfbe208630b1410b674781855752c9c57c1c5ab0a74a336ce89b3a9c0d37a3ca4e698a798a85faf7f4f1dc020b7dd5750062c9810c4bc1ad7afe338f2b0f29059e684fe16098eb30da105be01ca11a293635dfc6d25ecc770ba72792fd3c6851d951b770d0f9edafb1cb4241350d85b04ed737a9bfd7e8301c43b65a95dda76d6850860ba3195040b14c8ad1a8b52472785521147182352a1dbd93595cbc26e813ccd75e16f9247fe82ed150c121f0041022522ec76476f0a9cffa3be1d3ffffffffffffffff29358bbfd8b7a12fe94a0355beb9420eee0a5c11220100c782b89e9430de84b220e8c0df4bd40be3400c58f149319f891fe86fba751dab3326bf2deb9e782b37ec9c7adf36025a091a4b3600000000000000000000000000000000000000000000000000000000000000000600"}) ioctl$KVM_RUN(r6, 0xae80, 0x0) sendmsg$ETHTOOL_MSG_COALESCE_SET(r2, &(0x7f0000000540)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000180)=ANY=[@ANYBLOB='\\\x00\x00', @ANYRES16=r3, @ANYBLOB, @ANYRES64=r2], 0x5c}, 0x1, 0x0, 0x0, 0x800}, 0x0) syz_io_uring_setup(0xd38, &(0x7f0000000280)={0x0, 0x7732, 0x80, 0x1, 0x350}, &(0x7f00000000c0)=0x0, &(0x7f0000000440)=0x0) setsockopt$SO_ATTACH_FILTER(0xffffffffffffffff, 0x1, 0x1a, &(0x7f0000000400)={0x1, &(0x7f0000000200)=[{0x2e, 0x0, 0x0, 0x4}]}, 0x10) mprotect(&(0x7f0000000000/0x800000)=nil, 0x800000, 0x5) syz_io_uring_submit(r7, r8, 0x0) 8m26.459733387s ago: executing program 3 (id=1158): mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x4, 0x0, 0x0, 0x4) sendmsg$kcm(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)=[{&(0x7f00000000c0)="d8000000140081044e81f782db44b9040a1d080211000000040000a118000200ff05140100000e1208000f0100810401a80016ea1f000840042e5f54c92011148ed08734843cb12b00000803600cfab94dcf5c04", 0x54}], 0x1, 0x0, 0x0, 0x7400}, 0x0) syz_emit_ethernet(0x2a, &(0x7f0000000100)=ANY=[@ANYBLOB="bbbbbbbbbbbb8a0a63cdec5908060001080006"], 0x0) r0 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r0, 0x8933, &(0x7f0000000080)={'batadv0\x00', 0x0}) sendto$packet(r0, &(0x7f0000000100)="f257a8ea7bc273dfaeab96850806", 0x2a, 0x0, &(0x7f0000000200)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @link_local}, 0x14) 8m26.165254477s ago: executing program 3 (id=1161): r0 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$inet6_tcp_int(r0, 0x6, 0x13, &(0x7f0000000240)=0x100000001, 0x59) connect$inet6(r0, &(0x7f0000000200)={0xa, 0xffff, 0x0, @loopback}, 0x1c) setsockopt$inet6_tcp_TCP_ULP(r0, 0x6, 0x1f, &(0x7f0000000040), 0x1e) setsockopt$inet6_tcp_TLS_TX(r0, 0x11a, 0x1, &(0x7f00000000c0)=@gcm_128={{0x303}, "2d432d74c04f228a", "d71d9a1e03558545115509e1c34caab9", "59f7766d", "5e33931677e0f2d7"}, 0x28) sendto$inet6(r0, &(0x7f0000000280)='S', 0x1, 0x8000, 0x0, 0x0) close(r0) 8m26.124129917s ago: executing program 3 (id=1164): syz_usb_connect$hid(0x5, 0x36, &(0x7f00000008c0)=ANY=[@ANYBLOB="12010000000000108117980800000000000109024100010000000009040000020308000009210000010122290a09058103"], 0x0) syz_open_dev$evdev(&(0x7f0000000080), 0xfefffffa, 0x0) 8m24.869456342s ago: executing program 3 (id=1172): mkdir(&(0x7f0000000040)='./file1\x00', 0x0) mount$fuse(0x0, 0x0, 0x0, 0x0, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000240)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r0, 0x0) setpgid(0x0, r0) mount$tmpfs(0x0, &(0x7f00000006c0)='./file0aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa\x00', 0x0, 0x1000810, 0x0) 8m24.79919426s ago: executing program 3 (id=1173): r0 = signalfd4(0xffffffffffffffff, &(0x7f0000000000)={[0x2]}, 0x8, 0x0) read$FUSE(r0, &(0x7f0000001b40)={0x2020}, 0x205c) timer_create(0x2, 0x0, &(0x7f0000bbdffc)) timer_create(0x0, &(0x7f00000000c0)={0x0, 0x21, 0x2, @thr={0x0, 0x0}}, &(0x7f0000000200)=0x0) fcntl$lock(0xffffffffffffffff, 0x6, &(0x7f0000000040)={0x0, 0x0, 0x60d3, 0x5}) mprotect(&(0x7f0000000000/0xf000)=nil, 0xf000, 0x1) timer_settime(r1, 0x1, &(0x7f0000000040)={{}, {0x0, 0x989680}}, 0x0) 8m24.195751645s ago: executing program 3 (id=1178): r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000380)=ANY=[@ANYRES32=r0], 0x8, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$dsp(0xffffffffffffff9c, 0x0, 0x301201, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r1, 0x80045017, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket$kcm(0x10, 0x2, 0x4) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_ALM_READ(r2, 0x40187014, &(0x7f0000000080)) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket(0x40000000015, 0x5, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r5, 0x10e, 0x2, &(0x7f00000001c0)=0x1, 0x4) connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @private=0xa010102}, 0x10) bind$inet(r4, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r4, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x4004844) set_mempolicy(0x2, 0x0, 0x3ff) write$FUSE_NOTIFY_INVAL_INODE(0xffffffffffffffff, &(0x7f00000000c0)={0x28, 0x2, 0x0, {0x1, 0x5, 0x9}}, 0x28) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$I2C_PEC(0xffffffffffffffff, 0x708, 0x3) ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, &(0x7f0000000200)={0x0, 0x4, 0x8, &(0x7f0000000300)={0x11, "694b68174bf36f5aec48ed65bbb44df72cbbe29ca8a535bed614dfa2844c483711"}}) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6(0xa, 0x3, 0x7) 8m24.131915162s ago: executing program 33 (id=1178): r0 = msgget$private(0x0, 0x0) msgsnd(r0, &(0x7f0000000380)=ANY=[@ANYRES32=r0], 0x8, 0x0) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = openat$dsp(0xffffffffffffff9c, 0x0, 0x301201, 0x0) ioctl$SNDCTL_DSP_GETODELAY(r1, 0x80045017, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x7}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000180)=0x4) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) socket$kcm(0x10, 0x2, 0x4) r2 = openat$rtc(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$RTC_ALM_READ(r2, 0x40187014, &(0x7f0000000080)) r3 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r3, &(0x7f0000019680)=""/102392, 0x18ff8) r4 = socket(0x40000000015, 0x5, 0x0) r5 = socket$nl_netfilter(0x10, 0x3, 0xc) setsockopt$netlink_NETLINK_DROP_MEMBERSHIP(r5, 0x10e, 0x2, &(0x7f00000001c0)=0x1, 0x4) connect$inet(r4, &(0x7f0000000040)={0x2, 0x4e20, @private=0xa010102}, 0x10) bind$inet(r4, &(0x7f0000000340)={0x2, 0x4e20, @loopback}, 0x57) sendmsg$xdp(r4, &(0x7f0000000280)={0x0, 0x0, 0x0}, 0x4004844) set_mempolicy(0x2, 0x0, 0x3ff) write$FUSE_NOTIFY_INVAL_INODE(0xffffffffffffffff, &(0x7f00000000c0)={0x28, 0x2, 0x0, {0x1, 0x5, 0x9}}, 0x28) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)) ioctl$I2C_PEC(0xffffffffffffffff, 0x708, 0x3) ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, &(0x7f0000000200)={0x0, 0x4, 0x8, &(0x7f0000000300)={0x11, "694b68174bf36f5aec48ed65bbb44df72cbbe29ca8a535bed614dfa2844c483711"}}) r6 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r6, &(0x7f0000000000)={0x0, 0x0, 0x0}, 0x0) socket$nl_xfrm(0x10, 0x3, 0x6) socket$inet6(0xa, 0x3, 0x7) 8m5.749025185s ago: executing program 1 (id=1322): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file1\x00', 0x0) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000100), 0x4040, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0) sendmsg$key(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={0x0}}, 0x0) ioctl$FS_IOC_SETFLAGS(r0, 0xc0189436, &(0x7f0000000140)) r1 = bpf$BPF_PROG_WITH_BTFID_LOAD(0x5, &(0x7f0000000400)=@bpf_lsm={0x6, 0x5, &(0x7f00000000c0)=ANY=[@ANYBLOB="a5330000002061102118800000000000000000d00000000000000200"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x5, '\x00', 0x0, 0x1b, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x4}, 0x94) fstatat64(0xffffff9c, &(0x7f0000000000)='\x00', &(0x7f0000000040), 0x1000) bpf$OBJ_GET_MAP(0x7, &(0x7f0000000180)=@o_path={&(0x7f0000000140)='./file0\x00', 0x0, 0x4018, r1}, 0x14) 8m5.748381951s ago: executing program 1 (id=1324): r0 = syz_clone(0x20800000, 0x0, 0x0, 0x0, 0x0, 0x0) mkdir(&(0x7f0000000000)='./cgroup/../file0\x00', 0x0) r1 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r2 = openat$cgroup_procs(r1, &(0x7f00000003c0)='cgroup.procs\x00', 0x2, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000180)={0x11, 0xc, &(0x7f0000000440)=@framed={{}, [@ringbuf_output={{}, {0x7, 0x0, 0xb, 0x8, 0x0, 0x0, 0x2}, {}, {}, {}, {}, {}, {0x85, 0x0, 0x0, 0x3}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000000400000900000001"], 0x48) bind(0xffffffffffffffff, &(0x7f0000000b80)=@generic={0x1e, "f1a9eaa09fe4addac736111372298cd407881f49aabd0c8f7947531825d435f8343d07d2dcd297f85baa9955b393562e5533c13e8232cf1eb0e7ff1d797c788b6bf7d359b8e165eb04670c6976a6522898f69e832fb33f929733e5feeb84ebf4cb5de980510a14fa37a02f498d753c2c2a640dd43d9de0076a84b7bf5f00"}, 0x80) write$cgroup_pid(r2, &(0x7f00000005c0)=r0, 0x12) r3 = openat$cgroup_ro(r1, &(0x7f00000000c0)='cgroup.kill\x00', 0x275a, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000700)='signal_generate\x00'}, 0x10) write$cgroup_int(r3, &(0x7f0000000040)=0x1, 0x12) 8m5.680792792s ago: executing program 1 (id=1326): r0 = bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x11, 0x3, &(0x7f0000000740)=@framed, &(0x7f0000000780)='GPL\x00', 0x0, 0x0, 0x0, 0x41000, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000040)='kfree\x00', r0}, 0x18) r1 = socket$inet_tcp(0x2, 0x1, 0x0) r2 = socket$packet(0x11, 0x3, 0x300) r3 = dup(r2) r4 = openat$vnet(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$int_in(r4, 0x40000000af01, 0x0) ioctl$VHOST_SET_VRING_ADDR(r4, 0x4028af11, &(0x7f0000000200)={0x1, 0x1, 0x0, &(0x7f0000000740)=""/51, 0x0}) ioctl$VHOST_SET_MEM_TABLE(r4, 0x4008af03, &(0x7f0000000040)) ioctl$VHOST_NET_SET_BACKEND(r4, 0x4008af30, &(0x7f00000003c0)={0x1, r3}) close_range(r1, 0xffffffffffffffff, 0x0) 8m5.579537685s ago: executing program 1 (id=1327): mkdirat(0xffffffffffffff9c, &(0x7f0000000240)='./file1\x00', 0x94) mount$fuse(0x0, 0x0, 0x0, 0xfc5cd7921c2c19c4, &(0x7f0000000400)=ANY=[@ANYBLOB='fd=', @ANYRESHEX=0x0]) mount(0x0, &(0x7f0000000380)='./file1\x00', &(0x7f0000000040)='autofs\x00', 0x0, &(0x7f0000000400)) chdir(&(0x7f0000000080)='./file1\x00') r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x5, &(0x7f0000000000)=ANY=[@ANYBLOB="180000000020000000000000f9ffff0b85000000ae00000085"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000480)={&(0x7f0000000040)='sys_exit\x00', r0}, 0x90) r1 = syz_clone(0x0, 0x0, 0x0, 0x0, 0x0, 0x0) setpgid(r1, 0x0) setpgid(0x0, r1) mount$cgroup(0x0, &(0x7f0000000100)='./file0\x00', 0x0, 0x10000, 0x0) r2 = open(&(0x7f0000000000)='.\x00', 0x0, 0x0) ioctl$AUTOFS_IOC_CATATONIC(r2, 0x9362, 0x0) 8m5.479492185s ago: executing program 1 (id=1328): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000280)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000002c0)={0x73622a85, 0x10a}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000e00)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f00000005c0)={@flat=@weak_binder={0x77622a85, 0x1000}, @flat=@binder={0x73622a85, 0x18a, 0x3}, @flat=@weak_handle={0x77682a85, 0x1001}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000240)={0x0, 0x0, 0x0, 0x3, 0xfdfdffffffffffff, &(0x7f00000006c0)="e101d5"}) 8m5.278466897s ago: executing program 1 (id=1332): socket$nl_generic(0x10, 0x3, 0x10) socket$can_bcm(0x1d, 0x2, 0x2) syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x77}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x20, 0x4, 0x44, 0x0, 0x0, 0x1}, [@FRA_SRC={0x8, 0x2, @private=0xa010101}]}, 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB], 0x28}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x110) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r6 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10002, 0x1, 0x2}}, 0x2e) getsockopt(r6, 0x10e, 0x1005, 0x0, &(0x7f00000000c0)=0x19) r7 = add_key$user(&(0x7f0000000380), 0x0, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe) r8 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000100)={r7, r8, r8}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}}) 8m5.203273811s ago: executing program 34 (id=1332): socket$nl_generic(0x10, 0x3, 0x10) socket$can_bcm(0x1d, 0x2, 0x2) syz_open_dev$sg(&(0x7f00000003c0), 0x0, 0x5) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000400)={0x11, 0x3, &(0x7f0000000300)=ANY=[], &(0x7f0000000280)='GPL\x00', 0xa, 0xb9, &(0x7f0000000140)=""/185, 0x41100, 0x2b, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x77}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file1\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000200)=@ipv4_newrule={0x24, 0x20, 0x301, 0x0, 0x0, {0x2, 0x0, 0x20, 0x4, 0x44, 0x0, 0x0, 0x1}, [@FRA_SRC={0x8, 0x2, @private=0xa010101}]}, 0x24}, 0x1, 0x0, 0x0, 0x40001}, 0x0) r4 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000200)=ANY=[@ANYBLOB], 0x28}}, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0\x00', 0x110) r5 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r5, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x3, 0xffffffffffffffff, {0x2, 0x0, @dev}, 0x2}}, 0x2e) r6 = socket$pppl2tp(0x18, 0x1, 0x1) connect$pppl2tp(r6, &(0x7f0000000000)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @dev={0xac, 0x14, 0x14, 0x32}}, 0x10002, 0x1, 0x2}}, 0x2e) getsockopt(r6, 0x10e, 0x1005, 0x0, &(0x7f00000000c0)=0x19) r7 = add_key$user(&(0x7f0000000380), 0x0, &(0x7f0000000140)='_', 0x1, 0xfffffffffffffffe) r8 = add_key$user(&(0x7f0000000200), &(0x7f00000005c0), &(0x7f00000000c0), 0x390, 0xfffffffffffffffd) keyctl$dh_compute(0x17, &(0x7f0000000100)={r7, r8, r8}, 0x0, 0x0, &(0x7f0000000180)={&(0x7f0000000040)={'sha3-512-generic\x00'}}) 4.633978086s ago: executing program 4 (id=3680): syz_usb_connect(0x3, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0) timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r0, &(0x7f0000000040)='L', 0x1) 3.587103724s ago: executing program 6 (id=3715): syz_usb_control_io$cdc_ncm(0xffffffffffffffff, 0x0, &(0x7f0000000380)={0x44, 0x0, 0x0, 0x0, &(0x7f0000000540)={0x20, 0x80, 0x1c, {0x101, 0x1, 0x10000009, 0x843, 0x2, 0x7ffb, 0x200, 0x3, 0x2006, 0xfffc, 0x22, 0xf8}}, 0x0, 0x0, 0x0, 0x0}) syz_emit_vhci(&(0x7f0000000540)=ANY=[@ANYBLOB="043e1f0a"], 0x22) openat$ttyS3(0xffffffffffffff9c, 0x0, 0x40, 0x0) close(0xffffffffffffffff) inotify_init1(0x800) socket$vsock_stream(0x28, 0x1, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) getsockopt$inet_sctp_SCTP_PARTIAL_DELIVERY_POINT(0xffffffffffffffff, 0x84, 0x13, 0x0, &(0x7f0000001240)) 3.023843737s ago: executing program 6 (id=3733): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002600)='/proc/bus/input/devices\x00', 0x0, 0x0) r1 = openat$uinput(0xffffffffffffff9c, 0x0, 0x802, 0x0) ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x4) ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000100)={{0x100, 0x9, 0x2, 0xfffe}, 'syz1\x00', 0x3b}) ioctl$UI_DEV_CREATE(r1, 0x5501) read$FUSE(r0, &(0x7f00000001c0)={0x2020}, 0x2020) 2.974666168s ago: executing program 6 (id=3734): socket$pppl2tp(0x18, 0x1, 0x1) r0 = socket$inet6_udp(0xa, 0x2, 0x0) bind$inet6(r0, &(0x7f0000000000)={0xa, 0xe22, 0x0, @empty}, 0x1c) r1 = syz_genetlink_get_family_id$l2tp(&(0x7f00000008c0), 0xffffffffffffffff) r2 = socket$nl_generic(0x10, 0x3, 0x10) sendmsg$L2TP_CMD_SESSION_DELETE(r2, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000600)={0x34, r1, 0x1, 0x1070bd2c, 0x4, {0x5}, [@L2TP_ATTR_CONN_ID={0x8, 0x9, 0x2}, @L2TP_ATTR_SESSION_ID={0x8}, @L2TP_ATTR_PW_TYPE={0x6, 0x1, 0x5}, @L2TP_ATTR_PEER_SESSION_ID={0x8, 0xc, 0xaa8}]}, 0x34}, 0x1, 0x0, 0x0, 0x20008080}, 0x30) syz_emit_ethernet(0x50, &(0x7f0000000040)={@link_local, @dev={'\xaa\xaa\xaa\xaa\xaa', 0x36}, @val={@void}, {@ipv6={0x86dd, @udp={0x0, 0x6, "010100", 0x16, 0x11, 0xff, @remote, @local, {[], {0x0, 0xe22, 0x16, 0x0, @gue={{0x2, 0x0, 0x0, 0x3}, "30b00afe4e79"}}}}}}}, 0x0) 2.950874951s ago: executing program 6 (id=3735): r0 = syz_io_uring_setup(0x7b, &(0x7f0000000540)={0x0, 0x3bce, 0x10100, 0x0, 0x313}, &(0x7f00000005c0)=0x0, &(0x7f0000000100)=0x0) socketpair$tipc(0x1e, 0x5, 0x0, &(0x7f0000000040)={0xffffffffffffffff, 0xffffffffffffffff}) sendmsg$inet(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x4000000) syz_io_uring_submit(r1, r2, &(0x7f0000000600)=@IORING_OP_RECVMSG={0xa, 0x40, 0x0, r4, 0x0, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000140)=[{&(0x7f0000000800)=""/189, 0xbd}], 0x1}, 0x0, 0x40000103}) io_uring_enter(r0, 0x46f3, 0x0, 0x0, 0x0, 0x0) 2.871706676s ago: executing program 6 (id=3737): mkdirat(0xffffffffffffff9c, &(0x7f0000000280)='./file0\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mkdir(&(0x7f0000000040)='./file1\x00', 0x100) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]}) rmdir(&(0x7f0000000380)='./file0/../file0\x00') 2.870964203s ago: executing program 6 (id=3739): r0 = syz_usb_connect(0x0, 0x3f, &(0x7f00000000c0)=ANY=[@ANYBLOB="11010000733336088dee1edb23610000000109022d0101100000000904000003fe03010009cd8d1f0002000000090505020000fcffff09058b1e20"], 0x0) syz_usb_control_io(r0, 0x0, 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) r1 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) ioctl$EVIOCGMASK(r1, 0x5b06, 0x0) 1.394950571s ago: executing program 4 (id=3741): sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) bind$inet6(r0, &(0x7f0000000040)={0xa, 0x4e22, 0x0, @empty, 0x7}, 0x1c) listen(r0, 0xfffffffc) r1 = socket$nl_generic(0x10, 0x3, 0x10) r2 = syz_genetlink_get_family_id$mptcp(&(0x7f0000000040), 0xffffffffffffffff) r3 = socket$inet_mptcp(0x2, 0x1, 0x106) connect$inet(r3, &(0x7f0000000000)={0x2, 0x4e22, @local}, 0x10) sendto$inet(r3, &(0x7f00000000c0)="1c", 0x10002, 0x0, 0x0, 0x0) sendmsg$MPTCP_PM_CMD_DEL_ADDR(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={&(0x7f0000000240)={0x28, r2, 0x7, 0x0, 0x0, {}, [@MPTCP_PM_ATTR_ADDR={0x14, 0x1, 0x0, 0x1, [@MPTCP_PM_ADDR_ATTR_FAMILY={0x6, 0x1, 0x2}, @MPTCP_PM_ADDR_ATTR_ADDR4={0x8, 0x3, @local}]}]}, 0x28}}, 0x0) 1.394653384s ago: executing program 5 (id=3743): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000100), 0x0, 0x0) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000040)={'syzkaller0\x00', 0x2}) r1 = openat$tun(0xffffffffffffff9c, &(0x7f0000000400), 0x0, 0x0) close(r1) socket$nl_generic(0x10, 0x3, 0x10) ioctl$SIOCSIFHWADDR(r1, 0x8914, &(0x7f0000002280)={'syzkaller0\x00', @multicast}) r2 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(r2, &(0x7f0000000000)={0x0, 0x0, &(0x7f0000000580)={&(0x7f0000000340)=@newqdisc={0x4c, 0x24, 0x4ee4e6a52ff56541, 0x1, 0x25dfdbfd, {0x0, 0x0, 0x0, 0x0, {0x0, 0xb}, {0xffff, 0xffff}, {0xfff2}}, [@qdisc_kind_options=@q_netem={{0xa}, {0x1c, 0x2, {{0x3, 0x3, 0x6361, 0x7, 0xffffffff, 0x3}}}}]}, 0x4c}, 0x1, 0x0, 0x0, 0x40088c1}, 0x0) sendmsg$nl_route_sched(r2, &(0x7f00000003c0)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000001040)=@newqdisc={0x3c, 0x24, 0x4ee4e6a52ff56541, 0x70b926, 0x25dfdc01, {0x0, 0x0, 0x0, 0x0, {0x0, 0xd}, {0xffff, 0xb}, {0xffff, 0xffe0}}, [@qdisc_kind_options=@q_codel={{0xa}, {0xc, 0x2, [@TCA_CODEL_CE_THRESHOLD={0x8, 0x5, 0x4}]}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x240040e0}, 0x4890) r3 = socket$packet(0x11, 0x3, 0x300) syz_emit_ethernet(0x214, &(0x7f00000003c0)={@multicast, @remote, @void, {@ipv6={0x86dd, @icmpv6={0x0, 0x6, "122d92", 0x1de, 0x3a, 0xff, @remote, @mcast2, {[], @ndisc_ra={0x86, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, [{0x0, 0xa, "a78ce54006598080a8030037004023493b87aafaffffffffffffff23732472eefa45ad96579269748e254c1e4a8a8b3f0ab0c430d3be27df3e34066d42ca0a5c15b37adac15084dbaf736b41e5af1802"}, {0x0, 0x1, "000000050000000026000400"}, {0x18, 0x18, "fe906d26efe39393fe08f73eabc5977b1190a3a6ad8338f1511cdd10c35d8f6de79fc7fd175f75649fa368a32c829af02d7f44d92324a7051e460a13ddde25a5b85b9d930914625d8a049b4cf0d129806a610ad8477a2499a9a0527f75b655a6653d0363a979acf93f88eea07d68423e90280409de1657275f716a2bf2915d1783e8eb477b0d1170f0ecbdef4c23e1b76e9ab3d2fbe4b34438d2a77577edd0ebed9682b851b380ae0cab282af9d7ebe668177704c5fd4698c934de4731f3f61effc978"}, {0x0, 0x15, "06aa85616177c41bc943afcb84619755403946b0730a18d5c38cf7dcad830f2dc8674b87ba8b58f81ece27975cc39e595e9af90b4fe92a38d25551c2d9ebfc5dfc5a2a501b7e483de3f808895c5f4a1a2367bc591dd8b094822ff0dea07c9a1f643c822a18b79f7c5eba31fb68b2d734a6671e27182aee96f24a4a5cf390dab23b500b0c0272479611e4f7f4299ec4d926d443367b105185e6ecd9602ba95392343e9bbd047ef6"}]}}}}}}, 0x0) sendto$packet(r3, &(0x7f00000005c0)="bad330fbc9b55400040000ea0756a85d86dd", 0x5ea, 0x40, &(0x7f00000001c0)={0x11, 0x8100, 0x0, 0x1, 0xd8, 0x6, @multicast}, 0x14) 1.365162753s ago: executing program 4 (id=3745): r0 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0) r1 = ioctl$KVM_CREATE_VCPU(r0, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r0, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r1, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cc, 0x0, 0xa1b, 0x8, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202}) connect$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2a, 0x0, 0x7ffe}, 0xc) ioctl$KVM_RUN(r1, 0xae80, 0x0) 1.327727883s ago: executing program 4 (id=3746): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$nbd(&(0x7f0000000040), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff, 0xffffffffffffffff}) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$nbd(&(0x7f00000000c0), 0xffffffffffffffff) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000000)={0xffffffffffffffff}) sendmsg$NBD_CMD_CONNECT(r4, &(0x7f0000001ac0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000100)={0x30, r5, 0x1, 0xfffffffe, 0x0, {}, [@NBD_ATTR_SOCKETS={0x10, 0x7, 0x0, 0x1, [{0xc, 0x1, 0x0, 0x1, {0x8, 0x1, r6}}]}, @NBD_ATTR_SIZE_BYTES={0xc, 0x2, 0xffff}]}, 0x30}, 0x1, 0x0, 0x0, 0x20000001}, 0x20000000) sendmsg$NBD_CMD_RECONFIGURE(r0, &(0x7f0000000200)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000080)=ANY=[@ANYBLOB="98000000", @ANYRES16=r1, @ANYBLOB="2da52abd7000fbdbdf250300000008000100000000000800010000000000340007800c00018008000100", @ANYRES32=r2, @ANYRES32=r3], 0x98}, 0x1, 0x0, 0x0, 0x4008040}, 0x4000) 1.193024389s ago: executing program 4 (id=3750): syz_usb_connect(0x3, 0x2d, &(0x7f00000000c0)=ANY=[@ANYBLOB="1201000050cb5340450c10108e492940a80909021b00090000000009040002010035040009058dff86"], 0x0) timer_create(0x8, &(0x7f00000002c0)={0x0, 0x21, 0x0, @thr={0x0, 0x0}}, &(0x7f0000000100)) r0 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) write$char_usb(r0, &(0x7f0000000040)='L', 0x1) 1.054623512s ago: executing program 0 (id=3752): r0 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_IPV6_HOPOPTS(r0, 0x29, 0x36, &(0x7f0000000400)=ANY=[], 0x8) connect$inet6(r0, &(0x7f00000003c0)={0xa, 0xfffe, 0x3000001, @mcast2, 0x6}, 0x1c) setsockopt$SO_BINDTODEVICE(r0, 0x1, 0x19, &(0x7f0000000240)='bridge0\x00', 0x10) write(r0, &(0x7f0000000040)="822a0a65bd8c3b2b0304000e0580a7b6070d", 0x12) 1.005121101s ago: executing program 0 (id=3753): r0 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$nl802154(&(0x7f0000000340), r0) sendmsg$NL802154_CMD_SET_SEC_PARAMS(r0, 0x0, 0xc800) 1.004948312s ago: executing program 0 (id=3754): r0 = socket$alg(0x26, 0x5, 0x0) bind$alg(r0, &(0x7f0000000080)={0x26, 'skcipher\x00', 0x0, 0x0, 'cbc(anubis-generic)\x00'}, 0x58) setsockopt$ALG_SET_KEY(r0, 0x117, 0x1, &(0x7f0000000300)="c99b57381801238c09d0ff0f1d0dbd30", 0x10) r1 = accept4(r0, 0x0, 0x0, 0x80800) syz_genetlink_get_family_id$mptcp(0x0, r1) 923.192292ms ago: executing program 0 (id=3755): r0 = socket(0x200000100000011, 0x3, 0x0) r1 = socket$packet(0x11, 0x3, 0x300) ioctl$ifreq_SIOCGIFINDEX_batadv_mesh(r1, 0x8933, &(0x7f0000000240)={'batadv0\x00', 0x0}) bind$packet(r0, &(0x7f0000000040)={0x11, 0x0, r2, 0x1, 0x0, 0x6, @multicast}, 0x14) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000100)=0x800b, 0x4) sendmsg$netlink(r0, 0x0, 0x0) 922.926232ms ago: executing program 0 (id=3756): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r2 = dup3(r1, r0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000003200)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}, 0x1000}], 0x0, 0x0, 0x0}) 844.616878ms ago: executing program 0 (id=3757): r0 = syz_usb_connect(0x0, 0x371, &(0x7f0000000280)=ANY=[@ANYBLOB="1201000057ec0020c215dcff30bd0102030109025f03019b000000090400000b403b4e000905e2379c"], 0x0) syz_usb_control_io$cdc_ncm(r0, 0x0, 0x0) syz_usb_control_io$cdc_ecm(r0, 0x0, 0x0) syz_open_dev$char_usb(0xc, 0xb4, 0x80000000) r1 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000000)={0x1, &(0x7f0000000100)=[{0x6, 0x72, 0x0, 0x7fff0000}]}) setsockopt(0xffffffffffffffff, 0x84, 0x80, 0x0, 0x0) sendto$inet6(0xffffffffffffffff, 0x0, 0x0, 0x40, 0x0, 0x0) close_range(r1, 0xffffffffffffffff, 0x0) socket$vsock_stream(0x28, 0x1, 0x0) 191.112484ms ago: executing program 5 (id=3758): r0 = openat$sndtimer(0xffffffffffffff9c, &(0x7f0000000380), 0x101040) ioctl$SNDRV_TIMER_IOCTL_SELECT(r0, 0x40345410, &(0x7f0000000300)={{0x0, 0x2}}) ioctl$SNDRV_TIMER_IOCTL_CONTINUE(r0, 0x54a2) r1 = openat$sndseq(0xffffffffffffff9c, &(0x7f0000000600), 0x0) ioctl$SNDRV_SEQ_IOCTL_CREATE_QUEUE(r1, 0xc08c5332, 0x0) ioctl$SNDRV_SEQ_IOCTL_SET_QUEUE_TIMER(r1, 0x40605346, &(0x7f0000000780)={0x0, 0x0, {0x3, 0x0, 0x9, 0x0, 0x1}, 0x801}) close(0x3) 190.751431ms ago: executing program 5 (id=3759): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r0, 0x4018620d, &(0x7f0000000100)={0x73622a85, 0x200a}) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r2 = dup3(r1, r0, 0x0) r3 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r3, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r3, 0x4018620d, &(0x7f00000001c0)={0x73622a85, 0xb, 0x8}) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r1, 0xc0306201, &(0x7f0000000300)={0x4c, 0x0, &(0x7f0000000540)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x11, 0x0, 0x0, 0x48, 0x18, &(0x7f00000004c0)={@flat=@weak_binder={0x77622a85, 0xb, 0x3}, @fd={0x66642a85, 0x0, r1}, @flat=@weak_handle={0x77682a85, 0x1115}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) 124.998855ms ago: executing program 5 (id=3760): r0 = openat$procfs(0xffffffffffffff9c, &(0x7f0000002600)='/proc/bus/input/devices\x00', 0x0, 0x0) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x802, 0x0) ioctl$UI_SET_EVBIT(r1, 0x40045564, 0x4) ioctl$UI_DEV_SETUP(r1, 0x405c5503, &(0x7f0000000100)={{0x100, 0x9, 0x2, 0xfffe}, 'syz1\x00', 0x3b}) ioctl$UI_DEV_CREATE(r1, 0x5501) read$FUSE(r0, 0x0, 0x0) 123.64021ms ago: executing program 5 (id=3768): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$wireguard(&(0x7f00000003c0), 0xffffffffffffffff) sendmsg$WG_CMD_SET_DEVICE(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000a00)={0x168, r1, 0x1, 0x70bd2b, 0x0, {}, [@WGDEVICE_A_PEERS={0xf0, 0x8, 0x0, 0x1, [{0x9c, 0x0, 0x0, 0x1, [@WGPEER_A_ALLOWEDIPS={0x50, 0x9, 0x0, 0x1, [{0x4c, 0x0, 0x0, 0x1, [@ipv4={{0x6}, {0x8, 0x2, @local}, {0x5, 0x3, 0x2}}, @ipv4={{0x6}, {0x8, 0x2, @multicast2}, {0x5, 0x3, 0x1}}, @ipv4={{0x6}, {0x8, 0x2, @multicast1}, {0x5, 0x3, 0xff}}]}]}, @WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "eff93d58460ea431f2cb4a6894ddb2834088d7445bf5afdd0619ce173f1db717"}]}, {0x4c, 0x0, 0x0, 0x1, [@WGPEER_A_PUBLIC_KEY={0x24, 0x1, @a_g}, @WGPEER_A_PRESHARED_KEY={0x24, 0x2, "491bc0be1dc1f88092e741a88b64f6dd9218ad21b44b472e44f1d0807ee6675c"}]}, {0x4}]}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_IFNAME={0x14, 0x2, 'wg0\x00'}, @WGDEVICE_A_PRIVATE_KEY={0x24, 0x3, @b}, @WGDEVICE_A_LISTEN_PORT={0x6, 0x6, 0x4e22}]}, 0x168}, 0x1, 0x0, 0x0, 0x4004840}, 0x40000) 810.616µs ago: executing program 4 (id=3761): select(0x0, 0x0, 0x0, 0x0, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000240), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_kvm_setup_cpu$x86(0xffffffffffffffff, 0xffffffffffffffff, &(0x7f0000005000/0x18000)=nil, &(0x7f0000000380)=[@text32={0x20, &(0x7f00000001c0)="b8050000000f01c10f46a78900000066ba2100b067ee66ba2000b000ee6d6c2f800000c00f3266bac0000f3066b808008ed0660f38806f008ee0", 0x3a}], 0x1, 0x8, 0x0, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x2) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f0000000000)={[0x33, 0x78e, 0x80000000002, 0x181, 0x4, 0xffffffffffffffff, 0xf1, 0x4, 0xfffffffffffffd7e, 0x45, 0xf65, 0x1, 0xfffffffffffffffe, 0x0, 0xff, 0x8], 0x8000000, 0x3c4210}) ioctl$KVM_RUN(r2, 0xae80, 0x0) 0s ago: executing program 5 (id=3762): r0 = openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000003c0)={[0x60000000004, 0x1000000000, 0x5, 0x41, 0x2000000, 0x0, 0x2004cc, 0x0, 0xa1b, 0x8, 0x5, 0x0, 0x3, 0x2], 0x10000, 0x202}) connect$qrtr(0xffffffffffffffff, &(0x7f0000000040)={0x2a, 0x0, 0x7ffe}, 0xc) ioctl$KVM_RUN(r2, 0xae80, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:65444' (ED25519) to the list of known hosts. [ 47.650543][ T5923] cgroup: Unknown subsys name 'net' [ 47.835376][ T5923] cgroup: Unknown subsys name 'cpuset' [ 47.842129][ T5923] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 48.697326][ T5923] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 51.988696][ T5939] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 51.993727][ T5942] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 52.003219][ T5944] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 52.003360][ T5947] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 52.005811][ T5944] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 52.008528][ T5947] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 52.012320][ T5944] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 52.013472][ T5947] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 52.016392][ T5944] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 52.018541][ T5947] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 52.020064][ T5950] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 52.020534][ T5950] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 52.021601][ T5950] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 52.023755][ T5944] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 52.027066][ T5950] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 52.037912][ T5951] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 52.042606][ T5951] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 52.049497][ T5951] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 52.056061][ T5951] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 52.059813][ T5951] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 52.291945][ T5945] chnl_net:caif_netlink_parms(): no params data found [ 52.357649][ T5935] chnl_net:caif_netlink_parms(): no params data found [ 52.450852][ T5938] chnl_net:caif_netlink_parms(): no params data found [ 52.553548][ T5945] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.555831][ T5945] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.558214][ T5945] bridge_slave_0: entered allmulticast mode [ 52.561420][ T5945] bridge_slave_0: entered promiscuous mode [ 52.565095][ T5945] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.567362][ T5945] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.569596][ T5945] bridge_slave_1: entered allmulticast mode [ 52.573057][ T5945] bridge_slave_1: entered promiscuous mode [ 52.598226][ T5935] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.600473][ T5935] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.603581][ T5935] bridge_slave_0: entered allmulticast mode [ 52.606220][ T5935] bridge_slave_0: entered promiscuous mode [ 52.657106][ T5935] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.660051][ T5935] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.662591][ T5935] bridge_slave_1: entered allmulticast mode [ 52.666278][ T5935] bridge_slave_1: entered promiscuous mode [ 52.670054][ T5948] chnl_net:caif_netlink_parms(): no params data found [ 52.683756][ T5945] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.734607][ T5945] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.765893][ T5935] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 52.848599][ T5935] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 52.851570][ T5938] bridge0: port 1(bridge_slave_0) entered blocking state [ 52.854013][ T5938] bridge0: port 1(bridge_slave_0) entered disabled state [ 52.856147][ T5938] bridge_slave_0: entered allmulticast mode [ 52.858679][ T5938] bridge_slave_0: entered promiscuous mode [ 52.865725][ T5945] team0: Port device team_slave_0 added [ 52.906331][ T5938] bridge0: port 2(bridge_slave_1) entered blocking state [ 52.908747][ T5938] bridge0: port 2(bridge_slave_1) entered disabled state [ 52.911225][ T5938] bridge_slave_1: entered allmulticast mode [ 52.914836][ T5938] bridge_slave_1: entered promiscuous mode [ 52.919052][ T5945] team0: Port device team_slave_1 added [ 52.983890][ T5935] team0: Port device team_slave_0 added [ 53.026146][ T5948] bridge0: port 1(bridge_slave_0) entered blocking state [ 53.029236][ T5948] bridge0: port 1(bridge_slave_0) entered disabled state [ 53.033914][ T5948] bridge_slave_0: entered allmulticast mode [ 53.037715][ T5948] bridge_slave_0: entered promiscuous mode [ 53.042219][ T5935] team0: Port device team_slave_1 added [ 53.045914][ T5938] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.049258][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.051508][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.059565][ T5945] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.069938][ T5945] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.072328][ T5945] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.088362][ T5945] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.092071][ T5948] bridge0: port 2(bridge_slave_1) entered blocking state [ 53.094863][ T5948] bridge0: port 2(bridge_slave_1) entered disabled state [ 53.097840][ T5948] bridge_slave_1: entered allmulticast mode [ 53.100624][ T5948] bridge_slave_1: entered promiscuous mode [ 53.119598][ T5938] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.180387][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.183314][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.192512][ T5935] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.197731][ T5935] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.200021][ T5935] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.208396][ T5935] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.230517][ T5938] team0: Port device team_slave_0 added [ 53.256266][ T5948] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 53.264878][ T5938] team0: Port device team_slave_1 added [ 53.269290][ T5948] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 53.433988][ T5945] hsr_slave_0: entered promiscuous mode [ 53.437311][ T5945] hsr_slave_1: entered promiscuous mode [ 53.440916][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.443362][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.453669][ T5938] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.459404][ T5948] team0: Port device team_slave_0 added [ 53.492399][ T5938] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.494728][ T5938] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.504907][ T5938] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.510512][ T5948] team0: Port device team_slave_1 added [ 53.518213][ T5935] hsr_slave_0: entered promiscuous mode [ 53.521489][ T5935] hsr_slave_1: entered promiscuous mode [ 53.524407][ T5935] debugfs: 'hsr0' already exists in 'hsr' [ 53.526856][ T5935] Cannot create hsr debugfs directory [ 53.649816][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 53.652124][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.660084][ T5948] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 53.687972][ T5948] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 53.690192][ T5948] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 53.698436][ T5948] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 53.741740][ T5938] hsr_slave_0: entered promiscuous mode [ 53.744533][ T5938] hsr_slave_1: entered promiscuous mode [ 53.747029][ T5938] debugfs: 'hsr0' already exists in 'hsr' [ 53.749358][ T5938] Cannot create hsr debugfs directory [ 53.887456][ T5948] hsr_slave_0: entered promiscuous mode [ 53.889914][ T5948] hsr_slave_1: entered promiscuous mode [ 53.893226][ T5948] debugfs: 'hsr0' already exists in 'hsr' [ 53.895206][ T5948] Cannot create hsr debugfs directory [ 54.073877][ T5945] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 54.082404][ T5945] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 54.101733][ T5951] Bluetooth: hci1: command tx timeout [ 54.101812][ T5950] Bluetooth: hci0: command tx timeout [ 54.102084][ T5942] Bluetooth: hci3: command tx timeout [ 54.102240][ T5942] Bluetooth: hci2: command tx timeout [ 54.105535][ T5945] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 54.119475][ T5945] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 54.153278][ T5938] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 54.158414][ T5938] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 54.163113][ T5938] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 54.167615][ T5938] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 54.200112][ T5935] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 54.206185][ T5935] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 54.215002][ T5935] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 54.219013][ T5935] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 54.275904][ T5948] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 54.283871][ T5948] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 54.288321][ T5948] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 54.294147][ T5948] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 54.326279][ T5945] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.370744][ T5945] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.394019][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.397193][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.413018][ T1141] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.416108][ T1141] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.431578][ T5935] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.455910][ T5938] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.465428][ T5935] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.475576][ T5948] 8021q: adding VLAN 0 to HW filter on device bond0 [ 54.483902][ T1141] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.486215][ T1141] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.500983][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.504131][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.511956][ T5938] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.528900][ T5948] 8021q: adding VLAN 0 to HW filter on device team0 [ 54.536491][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.539444][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.553674][ T13] bridge0: port 1(bridge_slave_0) entered blocking state [ 54.556260][ T13] bridge0: port 1(bridge_slave_0) entered forwarding state [ 54.561755][ T13] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.564205][ T13] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.581796][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 54.584137][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 54.600784][ T5948] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 54.604701][ T5948] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 54.654752][ T5935] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 54.757505][ T5948] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.787189][ T5948] veth0_vlan: entered promiscuous mode [ 54.798291][ T5948] veth1_vlan: entered promiscuous mode [ 54.823556][ T5935] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.830260][ T5945] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.838340][ T5938] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 54.849306][ T5948] veth0_macvtap: entered promiscuous mode [ 54.868314][ T5948] veth1_macvtap: entered promiscuous mode [ 54.895475][ T5935] veth0_vlan: entered promiscuous mode [ 54.899837][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 54.916190][ T5945] veth0_vlan: entered promiscuous mode [ 54.922333][ T5948] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 54.929218][ T5945] veth1_vlan: entered promiscuous mode [ 54.939087][ T5935] veth1_vlan: entered promiscuous mode [ 54.944772][ T1141] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.948208][ T1141] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.961974][ T1141] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.967686][ T5938] veth0_vlan: entered promiscuous mode [ 54.977190][ T1141] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 54.986195][ T5938] veth1_vlan: entered promiscuous mode [ 55.010450][ T5945] veth0_macvtap: entered promiscuous mode [ 55.025917][ T5945] veth1_macvtap: entered promiscuous mode [ 55.033933][ T5935] veth0_macvtap: entered promiscuous mode [ 55.052818][ T5935] veth1_macvtap: entered promiscuous mode [ 55.061319][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.064113][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.085563][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.092781][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.096222][ T5938] veth0_macvtap: entered promiscuous mode [ 55.103477][ T5945] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.108959][ T5935] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.113170][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.114005][ T5938] veth1_macvtap: entered promiscuous mode [ 55.115749][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.128455][ T1152] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.135705][ T1152] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.145595][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 55.147943][ T1152] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.150800][ T1152] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.164676][ T1152] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.167471][ T1152] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.170166][ T1152] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.175084][ T5938] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 55.176425][ T5948] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 55.186083][ T1152] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.207544][ T12] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.210575][ T12] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.214470][ T12] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.230456][ T12] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 55.260796][ T46] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.266581][ T46] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.271341][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.274547][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.296800][ T1152] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.299309][ T1152] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.320464][ T46] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.330855][ T46] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.399567][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.402907][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.474017][ T5950] block nbd0: Receive control failed (result -32) [ 55.490730][ T6038] capability: warning: `syz.1.2' uses deprecated v2 capabilities in a way that may be insecure [ 55.497808][ T6037] input: syz1 as /devices/virtual/input/input5 [ 55.510868][ T1141] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 55.514641][ T1141] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 55.576193][ T6045] netlink: 48 bytes leftover after parsing attributes in process `syz.2.3'. [ 55.811105][ T29] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 55.921121][ T5978] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 55.961100][ T29] usb 8-1: Using ep0 maxpacket: 8 [ 55.965447][ T29] usb 8-1: config 0 interface 0 altsetting 254 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 55.969358][ T29] usb 8-1: config 0 interface 0 altsetting 254 endpoint 0x81 has invalid wMaxPacketSize 0 [ 55.973004][ T29] usb 8-1: config 0 interface 0 has no altsetting 0 [ 55.975427][ T29] usb 8-1: New USB device found, idVendor=04d8, idProduct=00dd, bcdDevice= 0.00 [ 55.978578][ T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 55.986805][ T29] usb 8-1: config 0 descriptor?? [ 56.081238][ T5978] usb 7-1: Using ep0 maxpacket: 16 [ 56.084574][ T5978] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 56.088903][ T5978] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 56.092423][ T5978] usb 7-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 3 [ 56.097517][ T5978] usb 7-1: New USB device found, idVendor=0955, idProduct=7214, bcdDevice=ed.00 [ 56.100574][ T5978] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.106877][ T5978] usb 7-1: config 0 descriptor?? [ 56.182192][ T5950] Bluetooth: hci0: command tx timeout [ 56.182284][ T5951] Bluetooth: hci1: command tx timeout [ 56.191080][ T5951] Bluetooth: hci2: command tx timeout [ 56.191298][ T5950] Bluetooth: hci3: command tx timeout [ 56.412591][ T29] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 56.416479][ T29] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 56.419406][ T29] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 56.422644][ T29] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 56.425655][ T29] mcp2221 0003:04D8:00DD.0002: unknown main item tag 0x0 [ 56.429385][ T29] mcp2221 0003:04D8:00DD.0002: USB HID vff.ff Device [HID 04d8:00dd] on usb-dummy_hcd.3-1/input0 [ 56.511321][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 56.519053][ T5978] shield 0003:0955:7214.0003: unknown main item tag 0x0 [ 56.522302][ T5978] shield 0003:0955:7214.0003: unknown main item tag 0x0 [ 56.531033][ T5978] shield 0003:0955:7214.0003: unknown main item tag 0x0 [ 56.533947][ T5978] shield 0003:0955:7214.0003: unknown main item tag 0x0 [ 56.541092][ T5978] shield 0003:0955:7214.0003: unknown main item tag 0x0 [ 56.546211][ T5978] input: HID 0955:7214 Haptics as /devices/virtual/input/input6 [ 56.647362][ T5978] shield 0003:0955:7214.0003: Registered Thunderstrike controller [ 56.680589][ T5978] shield 0003:0955:7214.0003: : USB HID v0.00 Device [HID 0955:7214] on usb-dummy_hcd.2-1/input0 [ 56.718484][ T6050] netlink: 'syz.2.12': attribute type 2 has an invalid length. [ 56.721986][ T6050] netlink: 244 bytes leftover after parsing attributes in process `syz.2.12'. [ 56.743448][ T6051] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -EPROTO [ 56.745655][ T29] usb 8-1: USB disconnect, device number 2 [ 56.748788][ T5978] usb 7-1: USB disconnect, device number 2 [ 56.752711][ T6051] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 56.756943][ T6051] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 56.763578][ T6051] shield 0003:0955:7214.0003: Failed to output Thunderstrike HOSTCMD request HID report due to -ENODEV [ 56.827901][ T6064] block device autoloading is deprecated and will be removed. [ 56.897726][ T6064] netlink: 32 bytes leftover after parsing attributes in process `syz.1.15'. [ 56.941150][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 56.977173][ T6066] netlink: 32 bytes leftover after parsing attributes in process `syz.0.17'. [ 57.158945][ T6070] syz.3.18 uses obsolete (PF_INET,SOCK_PACKET) [ 57.161759][ T6070] syzkaller1: entered promiscuous mode [ 57.163476][ T6070] syzkaller1: entered allmulticast mode [ 57.410664][ T6078] netlink: 8 bytes leftover after parsing attributes in process `syz.1.22'. [ 57.451389][ T0] NOHZ tick-stop error: local softirq work is pending, handler #202!!! [ 57.461327][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 57.711286][ T9] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 57.871146][ T9] usb 7-1: Using ep0 maxpacket: 32 [ 57.877281][ T9] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 57.880406][ T9] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 57.883227][ T9] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 57.886178][ T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 57.889829][ T9] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 57.893338][ T9] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid maxpacket 14385, setting to 1024 [ 57.897624][ T9] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x82 has invalid maxpacket 1024 [ 57.901270][ T9] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 57.906038][ T9] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 57.910402][ T9] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 57.922622][ T9] usb 7-1: config 0 descriptor?? [ 57.929253][ T6076] raw-gadget.0 gadget.2: fail, usb_ep_enable returned -22 [ 58.143755][ T9] usblp 7-1:0.0: usblp0: USB Bidirectional printer dev 3 if 0 alt 0 proto 3 vid 0x03F0 pid 0x6C17 [ 58.261146][ T5950] Bluetooth: hci3: command tx timeout [ 58.261370][ T5951] Bluetooth: hci0: command tx timeout [ 58.261887][ T5298] Bluetooth: hci2: command tx timeout [ 58.261909][ T5298] Bluetooth: hci1: command tx timeout [ 58.344441][ C3] usblp0: nonzero read bulk status received: -71 [ 58.407944][ T24] usb 7-1: USB disconnect, device number 3 [ 58.422989][ T24] usblp0: removed [ 58.682510][ T6101] netlink: 'syz.0.30': attribute type 1 has an invalid length. [ 58.799727][ T6102] netlink: 32 bytes leftover after parsing attributes in process `syz.1.28'. [ 59.321464][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 59.327417][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 59.331830][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 59.441228][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 59.444606][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 59.447931][ T0] NOHZ tick-stop error: local softirq work is pending, handler #40!!! [ 60.098975][ T6152] Zero length message leads to an empty skb [ 60.109322][ T6152] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 60.246279][ T6165] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 60.275726][ T40] audit: type=1326 audit(1761205492.021:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.2.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000 [ 60.283276][ T40] audit: type=1326 audit(1761205492.021:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.2.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000 [ 60.293098][ T40] audit: type=1326 audit(1761205492.021:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.2.50" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf7f06579 code=0x7ffc0000 [ 60.313991][ T40] audit: type=1326 audit(1761205492.021:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.2.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000 [ 60.341414][ T5951] Bluetooth: hci1: command tx timeout [ 60.341565][ T5950] Bluetooth: hci2: command tx timeout [ 60.345670][ T40] audit: type=1326 audit(1761205492.021:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.2.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000 [ 60.352240][ T5950] Bluetooth: hci3: command tx timeout [ 60.355256][ T5951] Bluetooth: hci0: command tx timeout [ 60.359078][ T40] audit: type=1326 audit(1761205492.021:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.2.50" exe="/syz-executor" sig=0 arch=40000003 syscall=361 compat=1 ip=0xf7f06579 code=0x7ffc0000 [ 60.368515][ T40] audit: type=1326 audit(1761205492.021:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.2.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000 [ 60.377082][ T40] audit: type=1326 audit(1761205492.021:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.2.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000 [ 60.385728][ T40] audit: type=1326 audit(1761205492.021:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.2.50" exe="/syz-executor" sig=0 arch=40000003 syscall=362 compat=1 ip=0xf7f06579 code=0x7ffc0000 [ 60.394603][ T40] audit: type=1326 audit(1761205492.021:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6166 comm="syz.2.50" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf7f06579 code=0x7ffc0000 [ 60.547110][ T6180] syzkaller0: entered promiscuous mode [ 60.548982][ T6180] syzkaller0: entered allmulticast mode [ 60.671046][ T24] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 60.837733][ T6192] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 60.859644][ T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has an invalid bInterval 0, changing to 7 [ 60.867008][ T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x3 has invalid wMaxPacketSize 0 [ 60.871368][ T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8A has an invalid bInterval 0, changing to 7 [ 60.875941][ T24] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x8A has invalid wMaxPacketSize 0 [ 60.883873][ T24] usb 8-1: New USB device found, idVendor=0a07, idProduct=00d0, bcdDevice=10.13 [ 60.887292][ T24] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 60.890520][ T24] usb 8-1: Product: syz [ 60.892573][ T24] usb 8-1: Manufacturer: syz [ 60.894191][ T24] usb 8-1: SerialNumber: syz [ 60.898140][ T24] usb 8-1: config 0 descriptor?? [ 61.107535][ T24] adutux 8-1:0.0: ADU208 4242424 now attached to /dev/usb/adutux0 [ 61.180028][ T6204] netlink: 8 bytes leftover after parsing attributes in process `syz.0.62'. [ 61.309227][ T24] usb 8-1: USB disconnect, device number 3 [ 61.642623][ T6214] tls_set_device_offload_rx: netdev not found [ 62.043891][ T6239] netlink: 4 bytes leftover after parsing attributes in process `syz.3.73'. [ 62.547246][ T6260] syzkaller0: entered promiscuous mode [ 62.549905][ T6260] syzkaller0: entered allmulticast mode [ 62.928081][ T6268] netlink: 64 bytes leftover after parsing attributes in process `syz.2.85'. [ 63.657288][ T6294] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 63.734556][ T6301] netlink: 4 bytes leftover after parsing attributes in process `syz.0.93'. [ 64.350567][ T6329] overlayfs: failed to clone upperpath [ 64.411922][ T840] hid-generic 0006:0004:0009.0004: unknown main item tag 0x0 [ 64.414362][ T840] hid-generic 0006:0004:0009.0004: unknown main item tag 0x0 [ 64.416773][ T840] hid-generic 0006:0004:0009.0004: unknown main item tag 0x0 [ 64.419340][ T840] hid-generic 0006:0004:0009.0004: unknown main item tag 0x0 [ 64.422723][ T840] hid-generic 0006:0004:0009.0004: unknown main item tag 0x0 [ 64.425167][ T840] hid-generic 0006:0004:0009.0004: unknown main item tag 0x0 [ 64.427795][ T840] hid-generic 0006:0004:0009.0004: unknown main item tag 0x0 [ 64.430358][ T840] hid-generic 0006:0004:0009.0004: unknown main item tag 0x0 [ 64.433123][ T840] hid-generic 0006:0004:0009.0004: unknown main item tag 0x0 [ 64.435522][ T840] hid-generic 0006:0004:0009.0004: unknown main item tag 0x0 [ 64.441535][ T840] hid-generic 0006:0004:0009.0004: hidraw1: VIRTUAL HID v0.04 Device [syz1] on syz0 [ 64.527582][ T6336] fido_id[6336]: Failed to open report descriptor at '/sys/devices/virtual/misc/uhid/report_descriptor': No such file or directory [ 64.639332][ T86] netdevsim netdevsim2 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.738969][ T86] netdevsim netdevsim2 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.846660][ T86] netdevsim netdevsim2 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.918346][ T5950] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 64.922428][ T5950] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 64.926792][ T5950] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 64.930553][ T5950] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 64.937598][ T86] netdevsim netdevsim2 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 64.943208][ T5950] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 65.111382][ T86] bridge_slave_1: left allmulticast mode [ 65.114222][ T86] bridge_slave_1: left promiscuous mode [ 65.117075][ T86] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.125119][ T86] bridge_slave_0: left allmulticast mode [ 65.127539][ T86] bridge_slave_0: left promiscuous mode [ 65.129655][ T86] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.419570][ T86] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 65.424960][ T86] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 65.429400][ T86] bond0 (unregistering): Released all slaves [ 65.444974][ T6350] chnl_net:caif_netlink_parms(): no params data found [ 65.626778][ T6350] bridge0: port 1(bridge_slave_0) entered blocking state [ 65.629720][ T6350] bridge0: port 1(bridge_slave_0) entered disabled state [ 65.633794][ T6350] bridge_slave_0: entered allmulticast mode [ 65.636464][ T6350] bridge_slave_0: entered promiscuous mode [ 65.640602][ T6350] bridge0: port 2(bridge_slave_1) entered blocking state [ 65.644092][ T6350] bridge0: port 2(bridge_slave_1) entered disabled state [ 65.647086][ T6350] bridge_slave_1: entered allmulticast mode [ 65.649760][ T6350] bridge_slave_1: entered promiscuous mode [ 65.717369][ T6350] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 65.729399][ T6350] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 65.746699][ T6373] netlink: 4 bytes leftover after parsing attributes in process `syz.0.119'. [ 65.834167][ T6350] team0: Port device team_slave_0 added [ 65.865087][ T6350] team0: Port device team_slave_1 added [ 65.926380][ T86] hsr_slave_0: left promiscuous mode [ 65.929784][ T86] hsr_slave_1: left promiscuous mode [ 65.933626][ T86] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 65.936639][ T86] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 65.940547][ T86] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 65.950078][ T86] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 65.985829][ T86] veth1_macvtap: left promiscuous mode [ 65.987709][ T86] veth0_macvtap: left promiscuous mode [ 65.989511][ T86] veth1_vlan: left promiscuous mode [ 65.992032][ T86] veth0_vlan: left promiscuous mode [ 66.142670][ T6388] netlink: 32 bytes leftover after parsing attributes in process `syz.1.118'. [ 66.570125][ T86] team0 (unregistering): Port device team_slave_1 removed [ 66.630032][ T86] team0 (unregistering): Port device team_slave_0 removed [ 66.991228][ T5951] Bluetooth: hci1: command tx timeout [ 67.137124][ T6350] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 67.139986][ T6350] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 67.151968][ T6350] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 67.161828][ T6350] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 67.165377][ T6350] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1532 would solve the problem. [ 67.178540][ T6350] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 67.241101][ T6350] hsr_slave_0: entered promiscuous mode [ 67.244525][ T6350] hsr_slave_1: entered promiscuous mode [ 67.247499][ T6350] debugfs: 'hsr0' already exists in 'hsr' [ 67.249903][ T6350] Cannot create hsr debugfs directory [ 67.303515][ T1949] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 67.434987][ T6350] netdevsim netdevsim4 netdevsim0: renamed from eth0 [ 67.438949][ T6350] netdevsim netdevsim4 netdevsim1: renamed from eth1 [ 67.443334][ T6350] netdevsim netdevsim4 netdevsim2: renamed from eth2 [ 67.447988][ T6350] netdevsim netdevsim4 netdevsim3: renamed from eth3 [ 67.472108][ T1949] usb 6-1: unable to get BOS descriptor or descriptor too short [ 67.476436][ T1949] usb 6-1: unable to read config index 0 descriptor/start: -71 [ 67.491113][ T1949] usb 6-1: can't read configurations, error -71 [ 67.528224][ T6350] 8021q: adding VLAN 0 to HW filter on device bond0 [ 67.557840][ T6350] 8021q: adding VLAN 0 to HW filter on device team0 [ 67.565968][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 67.569085][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 67.577320][ T1152] bridge0: port 2(bridge_slave_1) entered blocking state [ 67.579733][ T1152] bridge0: port 2(bridge_slave_1) entered forwarding state [ 67.612637][ T6350] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 67.760688][ T6350] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 67.931613][ T6350] veth0_vlan: entered promiscuous mode [ 67.936914][ T6350] veth1_vlan: entered promiscuous mode [ 67.965668][ T6350] veth0_macvtap: entered promiscuous mode [ 67.969810][ T6350] veth1_macvtap: entered promiscuous mode [ 67.985037][ T6350] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 67.996279][ T6350] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 68.002774][ T13] netdevsim netdevsim4 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.007388][ T13] netdevsim netdevsim4 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.012432][ T13] netdevsim netdevsim4 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.016238][ T13] netdevsim netdevsim4 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 68.071758][ T1141] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.072779][ T6458] serio: Serial port ptm0 [ 68.074820][ T1141] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.085803][ T86] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 68.088251][ T86] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 68.104014][ T6461] loop2: detected capacity change from 0 to 7 [ 68.109638][ T6461] loop2: [ 68.111099][ T6461] loop2: partition table partially beyond EOD, truncated [ 68.278406][ T6472] syzkaller1: entered promiscuous mode [ 68.441397][ T6474] syzkaller0: entered promiscuous mode [ 68.447773][ T6474] syzkaller0: entered allmulticast mode [ 68.694443][ T6482] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 69.073185][ T5951] Bluetooth: hci1: command tx timeout [ 69.508097][ T6507] ip6_tunnel: non-ECT from fc02:0000:0000:0000:0000:0000:0000:0000 with DS=0x1 [ 70.003725][ T6531] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 70.237737][ T5951] Bluetooth: hci0: SCO packet too small [ 70.351993][ T6561] overlayfs: failed to clone upperpath [ 70.361169][ T29] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 70.501220][ T6021] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 70.533103][ T29] usb 8-1: Using ep0 maxpacket: 8 [ 70.536726][ T29] usb 8-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid maxpacket 56832, setting to 1024 [ 70.540202][ T29] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 1024 [ 70.544246][ T29] usb 8-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 70.547667][ T29] usb 8-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 70.551967][ T29] usb 8-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 70.555055][ T29] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.594365][ T6574] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 70.661055][ T6021] usb 6-1: Using ep0 maxpacket: 8 [ 70.664724][ T6021] usb 6-1: config 16 interface 0 altsetting 0 endpoint 0x5 has invalid wMaxPacketSize 0 [ 70.667767][ T6021] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x5 has invalid maxpacket 0 [ 70.670790][ T6021] usb 6-1: config 16 interface 0 altsetting 0 bulk endpoint 0x8B has invalid maxpacket 32 [ 70.674011][ T6021] usb 6-1: config 16 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 3 [ 70.678105][ T6021] usb 6-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 70.681012][ T6021] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 70.795962][ T29] usb 8-1: usb_control_msg returned -32 [ 70.798027][ T29] usbtmc 8-1:16.0: can't read capabilities [ 70.901999][ T6021] usb 6-1: GET_CAPABILITIES returned 0 [ 70.903982][ T6021] usbtmc 6-1:16.0: can't read capabilities [ 70.986461][ T1416] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.988599][ T1416] ieee802154 phy1 wpan1: encryption failed: -22 [ 71.070150][ T6583] warning: `syz.4.175' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 71.096714][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.101802][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.105364][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.108791][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.112225][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.115666][ C2] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.121196][ C3] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.124067][ C3] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.126968][ C3] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.130064][ C3] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.132935][ C3] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.135551][ T6584] netlink: 32 bytes leftover after parsing attributes in process `syz.0.174'. [ 71.135868][ C3] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.142411][ C3] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.145262][ C3] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.148122][ C3] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.150976][ C3] usbtmc 8-1:16.0: usbtmc_read_bulk_cb - nonzero read bulk status received: -71 [ 71.154797][ T5951] Bluetooth: hci1: command tx timeout [ 71.156242][ T1949] usb 6-1: USB disconnect, device number 4 [ 71.512960][ T6592] netlink: 'syz.4.178': attribute type 10 has an invalid length. [ 71.521797][ T6592] 8021q: adding VLAN 0 to HW filter on device bond0 [ 71.526168][ T6592] team0: Port device bond0 added [ 71.684320][ T6595] syzkaller0: entered promiscuous mode [ 71.686394][ T6595] syzkaller0: entered allmulticast mode [ 72.127372][ T6613] kvm: vcpu 2: requested lapic timer restore with starting count register 0x390=198462431 (396924862 ns) > initial count (148514 ns). Using initial count to start timer. [ 73.128638][ T6021] usb 8-1: USB disconnect, device number 4 [ 73.222223][ T5951] Bluetooth: hci1: command tx timeout [ 73.263385][ T6089] usb 6-1: new high-speed USB device number 5 using dummy_hcd [ 73.357593][ T6629] kvm_intel: set kvm_intel.dump_invalid_vmcs=1 to dump internal KVM state. [ 73.412407][ T6089] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 73.415185][ T6089] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 73.418347][ T6089] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 73.421248][ T6089] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.426611][ T6089] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 73.429632][ T6089] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 73.432402][ T6089] usb 6-1: Product: syz [ 73.433786][ T6089] usb 6-1: Manufacturer: syz [ 73.439004][ T6089] cdc_wdm 6-1:1.0: skipping garbage [ 73.440704][ T6089] cdc_wdm 6-1:1.0: skipping garbage [ 73.453859][ T6089] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 73.455785][ T6089] cdc_wdm 6-1:1.0: Unknown control protocol [ 73.557961][ T6639] Driver unsupported XDP return value 0 on prog (id 24) dev N/A, expect packet loss! [ 73.644496][ T29] usb 6-1: USB disconnect, device number 5 [ 73.711218][ T34] usb 8-1: new high-speed USB device number 5 using dummy_hcd [ 73.865806][ T6655] netlink: 12 bytes leftover after parsing attributes in process `syz.4.198'. [ 73.872940][ T34] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 73.875937][ T34] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 73.879074][ T34] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 73.882278][ T34] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 73.887729][ T34] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 73.890608][ T34] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 73.893905][ T34] usb 8-1: Product: syz [ 73.895230][ T34] usb 8-1: Manufacturer: syz [ 73.900837][ T34] cdc_wdm 8-1:1.0: skipping garbage [ 73.902635][ T34] cdc_wdm 8-1:1.0: skipping garbage [ 73.904997][ T34] cdc_wdm 8-1:1.0: cdc-wdm0: USB WDM device [ 73.906889][ T34] cdc_wdm 8-1:1.0: Unknown control protocol [ 73.964635][ T40] kauditd_printk_skb: 7 callbacks suppressed [ 73.964651][ T40] audit: type=1800 audit(1761205505.711:19): pid=6659 uid=0 auid=4294967295 ses=4294967295 subj=unconfined op=collect_data cause=failed(directio) comm="syz.4.200" name="file0" dev="overlay" ino=95 res=0 errno=0 [ 74.102381][ T1949] usb 6-1: new high-speed USB device number 6 using dummy_hcd [ 74.105936][ T29] usb 8-1: USB disconnect, device number 5 [ 74.221314][ T6666] syzkaller0: entered promiscuous mode [ 74.223219][ T6666] syzkaller0: entered allmulticast mode [ 74.252471][ T1949] usb 6-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 74.255260][ T1949] usb 6-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 74.258481][ T1949] usb 6-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 74.262183][ T1949] usb 6-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 74.268278][ T1949] usb 6-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 74.272110][ T1949] usb 6-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 74.274890][ T1949] usb 6-1: Product: syz [ 74.276214][ T1949] usb 6-1: Manufacturer: syz [ 74.283311][ T1949] cdc_wdm 6-1:1.0: skipping garbage [ 74.285116][ T1949] cdc_wdm 6-1:1.0: skipping garbage [ 74.287779][ T1949] cdc_wdm 6-1:1.0: cdc-wdm0: USB WDM device [ 74.289701][ T1949] cdc_wdm 6-1:1.0: Unknown control protocol [ 74.561085][ T2172] usb 8-1: new high-speed USB device number 6 using dummy_hcd [ 74.746232][ T2172] usb 8-1: config 1 has too many interfaces: 66, using maximum allowed: 32 [ 74.749221][ T2172] usb 8-1: config 1 has an invalid descriptor of length 0, skipping remainder of the config [ 74.752724][ T2172] usb 8-1: config 1 has 1 interface, different from the descriptor's value: 66 [ 74.755846][ T2172] usb 8-1: config 1 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 74.763172][ T2172] usb 8-1: New USB device found, idVendor=7d25, idProduct=a415, bcdDevice= 0.40 [ 74.766291][ T2172] usb 8-1: New USB device strings: Mfr=1, Product=4, SerialNumber=0 [ 74.769586][ T2172] usb 8-1: Product: syz [ 74.771090][ T2172] usb 8-1: Manufacturer: syz [ 74.816865][ T2172] cdc_wdm 8-1:1.0: skipping garbage [ 74.818740][ T2172] cdc_wdm 8-1:1.0: skipping garbage [ 74.839656][ T2172] cdc_wdm 8-1:1.0: cdc-wdm1: USB WDM device [ 74.842404][ T2172] cdc_wdm 8-1:1.0: Unknown control protocol [ 75.048848][ C2] cdc_wdm 6-1:1.0: nonzero urb status received: -71 [ 75.049750][ T5940] usb 6-1: USB disconnect, device number 6 [ 75.051832][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - 0 bytes [ 75.056580][ C2] cdc_wdm 6-1:1.0: wdm_int_callback - usb_submit_urb failed with result -19 [ 75.574561][ T6669] UDC core: USB Raw Gadget: couldn't find an available UDC or it's busy [ 75.582876][ T6669] misc raw-gadget: fail, usb_gadget_register_driver returned -16 [ 75.805330][ T6671] netlink: 4 bytes leftover after parsing attributes in process `syz.0.212'. [ 75.808680][ T6671] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 75.811656][ T6671] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 75.818879][ T6671] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 75.822358][ T6671] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 75.938103][ T6677] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 75.942041][ T6677] block device autoloading is deprecated and will be removed. [ 75.942150][ T6680] md: async del_gendisk mode will be removed in future, please upgrade to mdadm-4.5+ [ 75.947921][ T6680] block device autoloading is deprecated and will be removed. [ 76.061226][ T6687] netlink: 'syz.4.209': attribute type 1 has an invalid length. [ 76.799441][ T840] usb 8-1: USB disconnect, device number 6 [ 77.255116][ T840] usb 8-1: new full-speed USB device number 7 using dummy_hcd [ 77.275746][ T6741] netfs: Couldn't get user pages (rc=-14) [ 77.422451][ T840] usb 8-1: config 1 interface 0 has no altsetting 0 [ 77.427128][ T840] usb 8-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 77.430287][ T840] usb 8-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 77.432880][ T840] usb 8-1: Product: syz [ 77.434545][ T840] usb 8-1: Manufacturer: syz [ 77.436495][ T840] usb 8-1: SerialNumber: syz [ 77.783275][ T6751] orangefs_devreq_write_iter: total:0: must be at least:8240: [ 77.900239][ T6755] syzkaller0: entered promiscuous mode [ 77.902293][ T6755] syzkaller0: entered allmulticast mode [ 78.526877][ T840] usblp 8-1:1.0: usblp0: USB Unidirectional printer dev 7 if 0 alt 253 proto 1 vid 0x0525 pid 0xA4A8 [ 79.934235][ T5978] usb 8-1: USB disconnect, device number 7 [ 79.954227][ T5978] usblp0: removed [ 80.236404][ T6818] netlink: 32 bytes leftover after parsing attributes in process `syz.4.242'. [ 80.500768][ T6833] GUP no longer grows the stack in syz.3.247 (6833): 80004000-8000a000 (80002000) [ 80.506143][ T6833] CPU: 2 UID: 0 PID: 6833 Comm: syz.3.247 Not tainted syzkaller #0 PREEMPT(full) [ 80.506168][ T6833] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 80.506180][ T6833] Call Trace: [ 80.506186][ T6833] [ 80.506193][ T6833] dump_stack_lvl+0x16c/0x1f0 [ 80.506219][ T6833] gup_vma_lookup+0x1d2/0x220 [ 80.506243][ T6833] __get_user_pages+0x241/0x3530 [ 80.506276][ T6833] ? find_held_lock+0x2b/0x80 [ 80.506296][ T6833] ? __pfx___get_user_pages+0x10/0x10 [ 80.506328][ T6833] get_user_pages_remote+0x243/0xab0 [ 80.506353][ T6833] ? mast_spanning_rebalance.isra.0+0x2060/0x2060 [ 80.506378][ T6833] ? __pfx_get_user_pages_remote+0x10/0x10 [ 80.506406][ T6833] ? __sanitizer_cov_trace_switch+0x54/0x90 [ 80.506441][ T6833] __access_remote_vm+0x250/0xaa0 [ 80.506469][ T6833] ? do_raw_spin_lock+0x12c/0x2b0 [ 80.506496][ T6833] ? __pfx___access_remote_vm+0x10/0x10 [ 80.506527][ T6833] proc_pid_cmdline_read+0x4de/0x8e0 [ 80.506550][ T6833] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 80.506573][ T6833] ? rw_verify_area+0xcf/0x6c0 [ 80.506592][ T6833] ? __pfx_proc_pid_cmdline_read+0x10/0x10 [ 80.506611][ T6833] vfs_readv+0x5c1/0x8b0 [ 80.506634][ T6833] ? __pfx_vfs_readv+0x10/0x10 [ 80.506670][ T6833] ? __fget_files+0x20e/0x3c0 [ 80.506696][ T6833] ? do_preadv+0x1a6/0x270 [ 80.506711][ T6833] do_preadv+0x1a6/0x270 [ 80.506728][ T6833] ? __pfx_do_preadv+0x10/0x10 [ 80.506748][ T6833] ? rcu_is_watching+0x12/0xc0 [ 80.506772][ T6833] __do_fast_syscall_32+0x7c/0x300 [ 80.506803][ T6833] do_fast_syscall_32+0x32/0x80 [ 80.506825][ T6833] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 80.506848][ T6833] RIP: 0023:0xf7fa4579 [ 80.506863][ T6833] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 80.506880][ T6833] RSP: 002b:00000000f547555c EFLAGS: 00000296 ORIG_RAX: 000000000000014d [ 80.506898][ T6833] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 0000000080000040 [ 80.506910][ T6833] RDX: 0000000000000001 RSI: 0000000000000300 RDI: 0000000000000000 [ 80.506920][ T6833] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 80.506930][ T6833] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 80.506940][ T6833] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 80.506965][ T6833] [ 791.664132][ T1140] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 791.666768][ T1140] CPU: 3 UID: 0 PID: 1140 Comm: kworker/u32:6 Not tainted syzkaller #0 PREEMPT(full) [ 791.671281][ T1140] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 791.674582][ T1140] Workqueue: netns cleanup_net [ 791.676107][ T1140] Call Trace: [ 791.677186][ T1140] [ 791.678150][ T1140] dump_stack_lvl+0x3d/0x1f0 [ 791.679632][ T1140] vpanic+0x640/0x6f0 [ 791.680893][ T1140] ? xfrm_state_fini+0x289/0x310 [ 791.682457][ T1140] panic+0xca/0xd0 [ 791.683669][ T1140] ? __pfx_panic+0x10/0x10 [ 791.685087][ T1140] ? check_panic_on_warn+0x1f/0xb0 [ 791.686715][ T1140] check_panic_on_warn+0xab/0xb0 [ 791.688332][ T1140] __warn+0xf6/0x3c0 [ 791.690030][ T1140] ? xfrm_state_fini+0x289/0x310 [ 791.691717][ T1140] report_bug+0x3c3/0x580 [ 791.693071][ T1140] ? xfrm_state_fini+0x289/0x310 [ 791.694636][ T1140] handle_bug+0x184/0x210 [ 791.695995][ T1140] exc_invalid_op+0x17/0x50 [ 791.697456][ T1140] asm_exc_invalid_op+0x1a/0x20 [ 791.699030][ T1140] RIP: 0010:xfrm_state_fini+0x289/0x310 [ 791.700753][ T1140] Code: c4 f7 90 0f 0b 90 e9 e7 fe ff ff e8 b1 6a c4 f7 90 0f 0b 90 e9 39 ff ff ff e8 a3 6a c4 f7 90 0f 0b 90 eb 8a e8 98 6a c4 f7 90 <0f> 0b 90 e9 d5 fd ff ff e8 4a 01 2c f8 e9 f8 fd ff ff e8 70 01 2c [ 791.706654][ T1140] RSP: 0018:ffffc90006d07a90 EFLAGS: 00010293 [ 791.708728][ T1140] RAX: 0000000000000000 RBX: ffff88804c6e0000 RCX: fffff52000da0f23 [ 791.711263][ T1140] RDX: ffff888027028000 RSI: ffffffff89f7ff68 RDI: ffff888027028484 [ 791.713699][ T1140] RBP: ffff88804c6e14c0 R08: 0000000000000001 R09: 0000000000000000 [ 791.716147][ T1140] R10: 0000000000000001 R11: 0000000000000001 R12: ffffc90006d07bd8 [ 791.718671][ T1140] R13: dffffc0000000000 R14: fffffbfff2055ac0 R15: ffffffff902ad5e0 [ 791.721120][ T1140] ? xfrm_state_fini+0x288/0x310 [ 791.722673][ T1140] ? __pfx_xfrm_net_exit+0x10/0x10 [ 791.724259][ T1140] xfrm_net_exit+0x2d/0x70 [ 791.725658][ T1140] ops_undo_list+0x2ee/0xab0 [ 791.727114][ T1140] ? __pfx_ops_undo_list+0x10/0x10 [ 791.728746][ T1140] ? cleanup_net+0x347/0x8b0 [ 791.730214][ T1140] ? idr_destroy+0x62/0x2e0 [ 791.731645][ T1140] cleanup_net+0x41b/0x8b0 [ 791.733051][ T1140] ? __pfx_cleanup_net+0x10/0x10 [ 791.734610][ T1140] ? rcu_is_watching+0x12/0xc0 [ 791.736116][ T1140] process_one_work+0x9cf/0x1b70 [ 791.737693][ T1140] ? __pfx_process_one_work+0x10/0x10 [ 791.739442][ T1140] ? assign_work+0x1a0/0x250 [ 791.740903][ T1140] worker_thread+0x6c8/0xf10 [ 791.742391][ T1140] ? __pfx_worker_thread+0x10/0x10 [ 791.743966][ T1140] kthread+0x3c5/0x780 [ 791.745257][ T1140] ? __pfx_kthread+0x10/0x10 [ 791.746763][ T1140] ? rcu_is_watching+0x12/0xc0 [ 791.748287][ T1140] ? __pfx_kthread+0x10/0x10 [ 791.749745][ T1140] ret_from_fork+0x675/0x7d0 [ 791.751190][ T1140] ? __pfx_kthread+0x10/0x10 [ 791.752674][ T1140] ret_from_fork_asm+0x1a/0x30 [ 791.754219][ T1140] [ 791.755942][ T1140] Kernel Offset: disabled [ 791.757375][ T1140] Rebooting in 86400 seconds.. VM DIAGNOSIS: 07:57:03 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffffff91b03038 RDX=1ffff9200192dd80 RSI=1ffff9200192dd82 RDI=ffffc9000c96fb40 RBP=ffffc9000c96ec10 RSP=ffffc9000c96eb58 R8 =ffffffff91b0303c R9 =0000000000000000 R10=0000000000000000 R11=000000000008e9a0 R12=ffffc9000c96ec18 R13=ffffc9000c96ebc8 R14=ffffc9000c96fb48 R15=ffffc9000c96ebfc RIP=ffffffff816bd26f RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097812000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f73b6250 CR3=0000000056c48000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=1ffffd400024d441 RBX=8000000049a88007 RCX=ffffffff82087e1f RDX=ffff888022c2a480 RSI=ffffffff820a473a RDI=0000000000000006 RBP=0000000000000001 RSP=ffffc9000d10f658 R8 =0000000000000006 R9 =0000000000059800 R10=0000000000049a00 R11=0000000000000001 R12=0000000000000000 R13=ffffea00011da6f0 R14=ffffea000126a200 R15=dffffc0000000000 RIP=ffffffff820a4756 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff888097912000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7f055c0 CR3=000000006c3f2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000600 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000000000 RBX=0000000000000005 RCX=000000000000003b RDX=1ffff92000758e65 RSI=ffffffff84aa6e6f RDI=0000000000000007 RBP=ffffc90003ac7320 RSP=ffffc90003ac7190 R8 =0000000000000007 R9 =0000000000000040 R10=000000000000003b R11=0000000000000001 R12=000000000000001f R13=ffffc90003ac7260 R14=ffff88802b017577 R15=0000000000000759 RIP=ffffffff84aa6eb4 RFL=00000a06 [-O---P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0000 0000000000000000 ffffffff 00c00000 DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 00007f4d09377300 ffffffff 00c00000 GS =0000 ffff888097a12000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000055e85056c000 CR3=000000004bd23000 CR4=00352ef0 DR0=ffffffffffffffff DR1=00000000000001f8 DR2=0000000000000083 DR3=ffffffffefffff15 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000fcffc200 Opmask01=000000000000ffff Opmask02=00000000ffffffff Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000001 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000003bf12 0000002c00000012 0004000000080024 0000000000280030 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000ebb 0000001400000000 0000000000000000 0000000000000015 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 498e10100c454053 cb50000001125208 0380030800000092 0000000300000001 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000010208000180 0201000000080606 017d804c02080180 0300080002e80800 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 180800060075980f ffffffff02018002 0008000008000801 76d2120800019803 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0008000190031008 0001880300080001 80030fffffffff02 0380025a08000608 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00080175f686ff8d 0509000435000102 0004090000000009 001b020909a84029 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00010fffffffff02 0f800201cc080006 0172e0600fec0008 07a0808080020806 ZMM25=1fcfb2031fcfb203 1fcfb2031fcfb203 1fcfb2031fcfb203 1fcfb2031fcfb203 1fcfb2031fcfb203 1fcfb2031fcfb203 1fcfb2031fcfb203 1fcfb2031fcfb203 ZMM26=6f7d0feb6f7d0feb 6f7d0feb6f7d0feb 6f7d0feb6f7d0feb 6f7d0feb6f7d0feb 6f7d0feb6f7d0feb 6f7d0feb6f7d0feb 6f7d0feb6f7d0feb 6f7d0feb6f7d0feb ZMM27=785d5081785d5081 785d5081785d5081 785d5081785d5081 785d5081785d5081 785d5081785d5081 785d5081785d5081 785d5081785d5081 785d5081785d5081 ZMM28=000000200000001f 0000001e0000001d 0000001c0000001b 0000001a00000019 0000001800000017 0000001600000015 0000001400000013 0000001200000011 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=5e1e00005e1e0000 5e1e00005e1e0000 5e1e00005e1e0000 5e1e00005e1e0000 5e1e00005e1e0000 5e1e00005e1e0000 5e1e00005e1e0000 5e1e00005e1e0000 info registers vcpu 3 CPU#3 RAX=0000000000000023 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85266465 RDI=ffffffff9adc0d60 RBP=ffffffff9adc0d20 RSP=ffffc90006d072d8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000001 R12=0000000000000000 R13=0000000000000023 R14=ffffffff9adc0d20 R15=ffffffff85266400 RIP=ffffffff8526648f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097b12000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002f416ffc CR3=0000000013746000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000104080 Opmask01=00000000003ffffe Opmask02=00000000003fffff Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 746e65696c635f73 666e2f74656e2f73 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000557c2cb9a270 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000557c2cb89880 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe85b3f1b20 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000ff0000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000000000ff00 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000557c2cb89880 0000557c2cb9a270 0000557c2cb80e00 0000557c2cba06d0 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000746e65696c63 5f73666e2f74656e 2f73666e2f73662f ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007fe85b3f1b30 0048544150564544 0000000000000021 0000557c2c00302e ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000000002d1 7200306e00305f65 6b0034746e657600 317761726469682f ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7766736c2c346d61 2c39722c4638312c 4538312c4438312c 4338312c4238312c ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4138312c3938312c 3838312c3738312c 3638312c3538312c 3438312c3338312c ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3238312c3138312c 3038312c4637312c 4537312c4437312c 4337312c4237312c ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 4137312c3937312c 3837312c3737312c 3637312c3537312c 3437312c3337312c ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000