last executing test programs: 5.013613226s ago: executing program 3 (id=328): syz_open_dev$loop(&(0x7f0000000500), 0x3, 0x2580) r0 = socket$inet(0xa, 0x801, 0x82) connect$inet(r0, &(0x7f0000004cc0)={0x2, 0x0, @remote={0xac, 0x14, 0xffffffffffffffff}}, 0x10) listen(r0, 0x8) r1 = accept4(r0, 0x0, 0x0, 0x0) getsockopt$inet_IP_XFRM_POLICY(r0, 0x0, 0x11, &(0x7f0000000840)={{{@in=@local, @in6=@private2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}, {{@in6}, 0x0, @in6=@empty}}, &(0x7f0000000540)=0xfffffffffffffd7f) mount$9p_virtio(&(0x7f0000000100), &(0x7f0000000480)='./file0\x00', &(0x7f00000004c0), 0x870024, &(0x7f0000000640)=ANY=[@ANYBLOB='trans>virtio,access=client,dfltuid=', @ANYRESHEX=r2, @ANYBLOB=',cache=none,nodevmap,debug=0x0000000000000005,uname=/proc/sys/net/ipv4/vs/conn_reuse_mode\x00,cache=none,debug=0x0000000000000003,nodevmap,noextend,\x00']) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(r1, 0x84, 0x9, &(0x7f0000000140)={0x0, @in={{0x2, 0x4e24, @empty}}, 0x3, 0x1, 0x10, 0x96, 0x36, 0x2, 0x9}, &(0x7f0000000000)=0x9c) r3 = socket(0x80000000000000a, 0x2, 0x0) setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000340)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0x0, @empty, 0x4}}}, 0x108) setsockopt$inet6_group_source_req(r3, 0x29, 0x2e, &(0x7f0000000200)={0x1, {{0xa, 0x0, 0x0, @mcast1={0xff, 0x7}}}, {{0xa, 0x0, 0xa4ffffff, @rand_addr=' \x01\x00'}}}, 0x15a) r4 = socket$kcm(0x10, 0x2, 0x0) sendmsg$kcm(r4, &(0x7f0000000940)={0x0, 0x0, &(0x7f00000001c0)=[{&(0x7f0000000000)="d8000000100081046881f782db44b904021d080b01000000e8fe55a11800150006001400000000120800040043000000a80016000a00014006000d00036010fab94dcf5c0461c1d67f6f94007134cf6ee08000a0e408e8d8ef52a9d7c7c0b7a196e6f66112c88ac417898516277ce06bbace80177ccbec4c2ee5a7cef4090000001fb791643a5ee4ce1b14d6d930dfe1d9d322fe7c9f8775730d0080000000000000b57a5025ccca9e00360db70100000040fad95667e006dcdf63951f215ce3bb14feb9f5588a63644caf1ce1bd6c769ad809d52a9ecbee", 0xd8}], 0x1}, 0x0) syz_genetlink_get_family_id$wireguard(&(0x7f0000000040), r1) syz_emit_ethernet(0x77, &(0x7f0000001580)=ANY=[@ANYBLOB="83a740a1f7ccaaaaaaaaaa0086dd605085d600418800fe800000000000000000000000000000fe8000000000000000000000000000aa00000400004001"], 0x0) r5 = openat$ipvs(0xffffff9c, &(0x7f0000000000)='/proc/sys/net/ipv4/vs/conn_reuse_mode\x00', 0x2, 0x0) read$char_usb(r5, &(0x7f0000000580)=""/184, 0xb8) 4.914979525s ago: executing program 3 (id=329): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3}) r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r1, 0xc00464b4, &(0x7f0000000240)={r3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8169, 0x6, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb}) ioctl$AUTOFS_DEV_IOCTL_SETPIPEFD(0xffffffffffffffff, 0xc0189378, &(0x7f0000000000)={{0x1, 0x1, 0x18, r0, {r4}}, './file0\x00'}) sendmsg$IPCTNL_MSG_CT_GET(r7, &(0x7f00000003c0)={&(0x7f0000000140)={0x10, 0x0, 0x0, 0x10}, 0xc, &(0x7f0000000280)={&(0x7f0000000440)={0x14, 0x1, 0x1, 0x801, 0x0, 0x0, {0x0, 0x0, 0x7}}, 0x14}, 0x1, 0x0, 0x0, 0x20008000}, 0x24000000) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000001c0)={0x15, 0x1, 0x3}) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r4, 0xc00464b4, &(0x7f0000000400)={r6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000200)={0x10001, 0x401f, 0x3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8}) close_range(r0, 0xffffffffffffffff, 0x0) 4.852355892s ago: executing program 3 (id=331): r0 = socket$kcm(0x10, 0x2, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = syz_io_uring_setup(0x4f21, &(0x7f0000000500)={0x0, 0xc541, 0x20, 0x0, 0x800000}, &(0x7f0000000340)=0x0, &(0x7f00000004c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd=r0, 0x0, 0x0, 0x5, 0x0, 0x1, {0x0, 0x0, r1}}) syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(0xffffffffffffffff, 0xcbe) socket$tipc(0x1e, 0x5, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x28c, 0x18c, 0x2b8, 0x182, 0x18c, 0x0, 0x284, 0x3a8, 0x3a8, 0x284, 0x3a8, 0x3, 0x0, {[{{@uncond, 0x0, 0xa4, 0xcc, 0x0, {0x0, 0xe0ffff00000000}}, @common=@inet=@SET1={0x28}}, {{@uncond, 0x0, 0xc8, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x2e8) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x60, 0x43, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_GET_PROG_INFO(0x15, &(0x7f0000000340)={r8, 0xe0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x6f) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101}) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb265a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4f8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac60007426162b57e803519954d7c956fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c41500000000304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3ce1182001d64b52a5ce7f506295d59eea6903b84ffbabf5a5b91c1d6ecce8728a224aec66c610e3becd60a35e848c224f8251947eed20e2b612cb099bfe8924d33ba7f0691fed04a43e9c64b7a1e3165e86cdb9871c678a6bbb14821f441c6c14d1bd78d8ffdfea12c19ea04264335d60b6b7a7da6fb83f33101db32f6ab137d943dd3c1e8db9f3e1263573dc721ae82fe0bc63598751a5092c9f7dbfc39d564834e3703492c2a651643d8ce5c36d97a4812cf73fc8ea0d68d7489cfcb0176"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0xb) 3.974598725s ago: executing program 3 (id=337): r0 = socket$unix(0x1, 0x1, 0x0) bind$unix(r0, &(0x7f0000000180)=@file={0x1, '\xe9\x1fq\x89Y\x1e\x923aK\x00'}, 0x6e) r1 = socket(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000040)=@newlink={0x3c, 0x10, 0x401, 0x0, 0x0, {}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @geneve={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_GENEVE_REMOTE={0x8, 0x2, @multicast2}]}}}]}, 0x3c}, 0x1, 0x4801000000000000}, 0x0) r2 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) ioctl$sock_SIOCGIFINDEX(r2, 0x8933, &(0x7f0000000180)={'netdevsim0\x00', 0x0}) r4 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r4, &(0x7f0000000280)={0x0, 0x0, &(0x7f0000001140)={&(0x7f00000001c0)=ANY=[@ANYBLOB="440000001000030500"/20, @ANYRES32=0x0, @ANYBLOB="010000001184f9bb1c0012800b0001006d616373656300000c00028005000f000200000008000500", @ANYRES32=r3], 0x44}}, 0x0) syz_pidfd_open(0x0, 0x0) r5 = open_tree(0xffffffffffffff9c, &(0x7f0000000100)='\x00', 0x89901) openat$sr(0xffffff9c, &(0x7f00000000c0), 0x200, 0x0) r6 = fspick(r5, &(0x7f0000000080)='\xe9\x1fq\x89Y\x1e\x923aK\x00', 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0) fsconfig$FSCONFIG_CMD_RECONFIGURE(r6, 0x7, 0x0, 0x0, 0x0) bind$unix(r0, &(0x7f00000001c0)=@file={0x1, './file0\x00'}, 0x6e) 3.874896486s ago: executing program 3 (id=338): socket(0x40000000015, 0x5, 0x0) r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r1, &(0x7f00000006c0)={0x0, 0x0, &(0x7f0000000080)={&(0x7f0000000000)=@newlink={0x3c, 0x10, 0x40d, 0x0, 0x0, {0x0, 0x0, 0x0, 0x0, 0x2a500, 0x801}, [@IFLA_LINKINFO={0x1c, 0x12, 0x0, 0x1, @bridge={{0xb}, {0xc, 0x2, 0x0, 0x1, [@IFLA_BR_MCAST_MLD_VERSION={0x5, 0x2c, 0x7}]}}}]}, 0x3c}, 0x1, 0x0, 0x0, 0x2004c811}, 0x0) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f00000001c0), 0x8042, 0x0) r2 = syz_io_uring_setup(0x6908, &(0x7f0000000340)={0x0, 0x0, 0x10100}, &(0x7f0000000140), &(0x7f0000000100)=0x0) syz_io_uring_setup(0x1864, &(0x7f00000003c0), &(0x7f0000000040)=0x0, &(0x7f0000000180)) syz_io_uring_submit(r4, r3, &(0x7f00000001c0)=@IORING_OP_READ=@pass_buffer={0x16, 0x0, 0x0, @fd_index=0x3, 0x0, 0x0, 0x0, 0x1}) io_uring_enter(r2, 0x184c, 0x0, 0x0, 0x0, 0x0) r5 = syz_usb_connect$cdc_ecm(0x0, 0x66, &(0x7f00000005c0)=ANY=[@ANYBLOB="12010003020000402505a1a4400001020301090254000101062008090400aa0302060004092406000009d0de540524000b000d240f010c00000001000180060c241b06000400000780ff03090581031000040501090582021000050710090503020002"], &(0x7f0000000400)={0x0, 0x0, 0x0, 0x0}) syz_usb_ep_write(r5, 0x3, 0x2, &(0x7f0000000540)="f93d") r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x11, 0x8, &(0x7f0000001640)=ANY=[@ANYBLOB="620af8ff0c200021bfa100000000000007010000f8ffffffb702000003000000bd120000000000008500000006000000b70000000000000095000000000000003faf4f1e7f2aa3d9b18ed81c0c869b51ec6c0af4e0e4a9446c7670568982b4e020f698393aa0f3881f9c24aa56f15199fad0093c59d66b5ece9f36c70d0f13905ea23c22624c9f87f9793f50bb546040677b0c5077da80fb982c1e9400e693146cea484a415b76966118b64f751a0f241b072e90080008002d75593a286cecc93e64c227c95aa0b784625704f07a72c234664c0af9360a1f7a5e6b607130c89f18c0c1089d8b853289e01aa27ae8b09e00e79ab20b0b8e1148f42fc3199f000000000000006fa03c6468972089b302d7bf6023cdcedb5e0125ebbc08dee510cb2364149215108333719acd97cfa107d40224edc5465a932b77e74e802a0d42bc6099ad2300000080006ef6c1ff0900000000000010c63a949e8b7955394ffa82b8e942c89112f4ab87b1bfeda7be586602d985430cea0162ab3fcf4591c926abfb0767192302000000b0eea24492a660583eecb42cbcd3de3a83209da17a0faf60fd6ad9b97aa5fa68480366c9c6fd6fa5043aa3926b81e3b59c95c25a573dc2edcaea2b1a52496dfcaf99431412fd134a996382a1a04d5bb924cfe5f3185418d605ffff9c4d2ec7c32f2095e63c80af735ed41793bdf9fa740b5b7632f32030916f89c6dad7603f2ba2a790d62d6faec2fed44da4928b30142ba11de6c5d50b83bae613402216b5054d1e7c13b1355d6f4a8245ffa4997da9c77af4c0eb97fca585ec6bf58351d564beb6d952aab9c70764b0a8a7583c90b3433b809bdb9fbd48bc873495cbff8a326eea31ae4e0f7505ebf6c9d13330ca005ace1a84521f14518c9b476fccbd6c712016219848624b87cec2dbc68223a0eb4fa39f6b5c02e6d6d90756ff57902a8f57000000009700cf0b4b8bc2294133000000000000000000030000000000000000000000000010008bc0d9559711e6e8861c46495ba585a4b2d02edc3e28dd271c896249ed85b980680b00002b435ac15fc0288d9b2a169cdcacc413038dafb7a2c8cb482bac0ac502d9ba96ffffff7f00001000000000eeff7c5ad897ef3b7cda42013d53046da21b40216e14ba2d6ad5656bfff17addaedab25b30002abbba7fa725f38400be7c1f001b2cd317902f19e385be9e48dccff729eec082830689da6b53b263339863297771429d120000003341bf4abacac95900fca0493cf29b33dcc9ffffffffffffffd39fec2271ff01589646efd1cf870cd7bb2366fde41f94290c2a5ff870ce41fd3467decb05cfd9fcb32c8ed1dbd9d10a64c1083d5e71b5565b1768ee58969c41595229df17bcad70fb4021428ce970275d13b78100788f11f76161d46ea3abe0fa4d30dc94ef241875f3b4ce0232fcea69c271d7fa29822aea68a660e717a04becff0f719197724f4fce1093b62d7e8c7123d8ec571be54c72d978cf906df0042e36acd37d7f9e119f2c06f815312e0cfe222a06f56dd022c074eb8a322fb0bf47c0a8d154b405c37feaf3dd95f6ef2ae582786105c7df8be5877050c91301bb997316dbf17866fb84d4173731efe895ff2e1c5560926e90109b598502d3e959efc71f665c4d75cf2458e3546c1c776da64fb5abee0acfd235f2f4632c9062ece84c99a061887a20639b41c8c12ee86c50804042b3fb5aac518a75f9e7d7101d5e186c489b3a06fb99e0aa7f23a054de2f4d92d6bd72ee2c9fdc75aaaf1e3e483b4ad05573af40326993947d9a631bcbf3583784acbda216550d7aec6b79e30cbd128f54c2d3335457acf37331766e472391e358c3b377327ac9ecc34f24c9ae153ec60ac0694dc55bff9f5f45f90400000000000000d6b2c5ea1393fdf24285bf16b99c9cc0ad1857216f1a985f369191ae954febb3df464bfe0f7f3ee9afe7befb89d2777399f5874c553aeb3729cffe86e66964ae09bb6d163118e4cbe024fd4500f8ff0700000000cc9d8046c216c1f895778cb25122a2a9f9b444aeadea2a40da8daccf080842a486721737390cbf3a74cb2003016f1514216bdf57d2a40d40b51ab63e96ec8485b3b8a8c9ae3d14f93100c2e0893862eef552fcde2981f48c482bde8a168c3f5db2fea6f26e4a4304e50c349f4f9ecee27defc93871c5f99b355b72d538ba4958ea8e4aa37094191e10096e7e60fc3541a2c905a1a95e9571bf38ae1981c4238ecaee6f75cd0a6881bd1517a8250ddc8674152f94e3a409e2a3bce109b60000000000000000d6d5210d7503000000a87a27602b81f76386f1535bef1497f92186086e29c6bc5a1fad6ec9a31137abf9a404abde7750898b1bd627e873f8703be8672d70d1ab57075228a9f46ed9bd1f08fb8191bbab2dc51de3a61f0868afc4294859323e6c257a45319f18101288d139bd3da20fed05a8fe64680b0a3fc22dd70400000000946912d6c98cd1a9fbe1e7d58c08acaf30235b918a31d2eca55f74a23641f61f2d5b308cf0d031b0c7f0ced69993e9960ff5f76015e6009556237badf4e7965bbe2777e808fcba821aa8e8c5c39609ff854352cb4900000000000000000000000000c1fee30a3f7a85d1b29e58c77685efc0ceb1c8e5729c66418d169fc03aa188546b3ad2a182068e1e3a0e2505bc7f41019645466a53f1c96e0d4b3bc19faa5449209b083dbd334b47f067bbab40743b2a42010082008df75cf43f8ecc8d3726602111b40e761fd21081920382f14d12ca3c3431ee97471c7868dcda7eaa69eb7f7f80572fdd11bb1d0d1280fbc22bf73468788df51710d7d31c632fc5ed1762eb0b428ee751c47d8e894f745a868404a0bf35f0121008b722b1eaa6aedfa1bf2e7ccb2d61d5d76331945ecefa26b8471d424c14283a94395b64645288d7226bbd9ccd628ab84875f2c50ba891cea592b0430a537a395dc73bda367bf12cb7d81691a5fe8c47be395656a297e9df0e71f96756ea5cce7daac4be290159f6bcd75f0dda9de5532e71ae9e48b0ed0254a83100000000f6fbb869604d51a36a54c832e45b2569dc0d90b075225fde44c4e0973171ad47d6b0fdf9743af932cd6db49a47613808bad959710300000000000000832d0a45fa4242e24c7e800003c9e8095e02985f28e678f66422436f949e2ab8f162d7e3f855e378f4a1f40b0c6fb2d4b205a800b6d713acebc5b014e61a543a5a194f9ac18d76b5440e3b1a569e7397f6cafa86966d7ba19e720413267a6ccea9c439671d2c680f2753ca184eeeb843450368acb4383a01d25eb3d1e23e0f2645d1cdfa9fa410632f95a5f622f851c66ee7e30393cd7a4d67ff2a49c4f93c0984b5c2d4523497e4d64f95f08493564a1df87111c9bf3194fef97dcecc467ace45feeb685c5870d05f88a0f463db88d377442e1349acaf766218b54a9d620100000000000000494198276eb2df7766411bef0ebb5000000000006065d635b0b7a00ee767221d8af9753387e0cd8d718f54a29df6eba3bd4c440e6e2172e3fcc01b8babb757b5c59217b80d0db3ba582814a604e4ef7a803e9ca7c85b35c9b93a9e0885e238b44ae1c2e64cce3b27083b8246829e64056000302bffff15405bd5f2eba20000000000000000000000000000000000009a9823fd8fbc5aa165099c5ed032b48ea12d8e0588dc52702e4084913a06d468d0928bad76d697e1f85ab030e788d38788ee5b5428d4a971cc97db9fd231088e570735ce129e7e77fc2777692664a1488fd8d6dff4dad618fd54f529d4555c6507009ee69dd1bc55258789b24052137e9637f3efbab71720f88c3c44b3b7486f979e8a3174b531f573fe0e5239c000be2733c49546f6e8a9175ec6f14dbf72cac91643b2fd99c29eca28a3c2e60d5e5b8795fae16a7c3ea57e728eca35eaf0155a39f97580e079175426c088a0208040982a0000000000000000000000000051ceaaf0159fe61f2eade7603d0a7a56fb09cd119ac06adb6597155ae47846892bb423c024d8cbe9240b71ec6dc2124d3a19e2d714b273d95d1d3aa737cb04a33615ff2a730e51067d5d675d7122361c37c61a43b5afd865b60d4cae891b73220f17d25985a7f76834995e53a93a1c7b9eef267df691ca983a0b15bda7f6c5c1ca7aa50261a3089a1ebf0734c9b07e8951ff023263ad5aed8cfb49b49e128c697724c057d22c5df5aef27ce3db11d5ad5527d149d076e1a87e2df27c0cb8a67ad026bf953e88f10447e125c2c0f1aebee1f3390a9e3ddad4e2a6e0f6e4569fdefa19e870e04acf9493b963f98e23cfc665e4f465fa3f801e1957c399e45f61d3459b1c606204368bb931345af2823c487d2fd99db6ea6e008e7ffa06ca861551189d155bd077a79fe2c7e961352e56824f727d21d41eae78bfec4a2d7a7edbc8ef958c5ea599f7c25bf71c2340558aa12fdd24a88aaad5921aee7dae6a2f3009d9cb43ab4898d0f0aa565431b6abe585d75db04d1c9ba0b9de4ae8b0d3132bc6810cc9a693979f55174a72e1df9fdef35bc470f9e6e591982757f45c52c645d891bf63bb21fb66926ebe1a8525611fc3e8bb8795c36dc2a86b5ab46ff33cc74f61751b2dae92676db85c8d0c721b7ea4544bf51c95c86fcac1f434d09d1ee4928aafe23de66fed972e0dddfb33f64e48701b049239e7f552d816441d11c4c2647c014462344359198d97c4b6e9ed31ca18987b64de079b2bed641e8a92f13ca70844c65cb423d01950b0ebf44bd28e09c05d9ae5dd689fb880fb18d042219f5ac60c3a03b085abf3e8e3efc842a8d328733461f04c99607061c65ed14c61322a5ac2d371a95b8ad867ec92d13a4fa4ae033a09673866cd779a8758d8855400d8c6a7242dc207251e8797eca24ea4f487663e60f2f5e1f1424958fd148f846830e88a42d93e1fe9b0b4a4a268921738938aa9f3cb3811ac87c54c8ebc8bcfb4613cc3a997ff1579edbd4ade8020e3ad001b072b1a751b588ac4639f35a58e00a50c0270608c7a7f10132b1c25b9ea81232fbef665f6212f875b2a0000000000000000000000000000002684c2d8eb8cac98930fa6a893ca44c0f64c07a87eb7b05f56ca6c70cb3a0eb328a15fe96a88235155e6d64bd434f641ddf9db2245e47e5904453577895dd81d"], &(0x7f0000000380)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x8, 0x10, &(0x7f0000000000), 0x10, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x2e) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000540)='rcu_utilization\x00', r6}, 0x10) r7 = socket$inet6_sctp(0xa, 0x1, 0x84) r8 = socket$kcm(0x2, 0xa, 0x2) r9 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) ioctl$sock_SIOCOUTQ(r8, 0x5411, &(0x7f0000000140)) sendmsg$netlink(r9, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2b, 0x1, 0x0, 0x0, "", [@nested={0x104, 0x0, 0x0, 0x1, [@typed={0xc, 0x11, 0x0, 0x0, @u64=0x20}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd3f8cd1"]}]}, 0x114}], 0x1, 0x0, 0x0, 0x1}, 0x0) getsockopt$inet_sctp_SCTP_PEER_ADDR_PARAMS(0xffffffffffffffff, 0x84, 0x9, &(0x7f0000000440)={0x0, @in6={{0xa, 0x4e22, 0x6c1c, @initdev={0xfe, 0x88, '\x00', 0x1, 0x0}, 0xc}}, 0x48e, 0xc3f, 0x100, 0xffffffff, 0x0, 0x100, 0x80}, &(0x7f0000000300)=0x9c) getsockopt$inet_sctp6_SCTP_ASSOCINFO(r7, 0x84, 0x1, &(0x7f0000000500)={r10, 0x6, 0x2, 0x7, 0x2, 0x1}, &(0x7f0000000580)=0x14) r11 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000200), 0xffffffffffffffff) r12 = socket$inet6_sctp(0xa, 0x1, 0x84) setsockopt$inet6_int(r12, 0x29, 0x4a, 0x0, 0x0) r13 = bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0e000000040000000800000004"], 0x48) r14 = bpf$PROG_LOAD(0x5, &(0x7f0000000000)={0x6, 0xd, &(0x7f0000000200)=ANY=[@ANYBLOB="1800000000000000000000000000000085000000a000000018110000", @ANYRES32=r13, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bca2000000000000a6020000f8ffffffb703000008000000b704000000000000850000003300000095"], &(0x7f0000000180)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000240)={r14, 0xfca804a0, 0x0, 0x0, 0x0, 0x0, 0x5ee, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x5}, 0x50) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f0000000240)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_SET_PMKSA(r0, &(0x7f0000000380)={0x0, 0x0, &(0x7f0000000300)={&(0x7f0000000000)={0x48, r11, 0x1, 0x0, 0x0, {{}, {@val={0x8, 0x3, r15}, @val={0xc, 0x99, {0x1, 0x45}}}}, [@NL80211_ATTR_PMK_REAUTH_THRESHOLD={0x5, 0x120, 0x7}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x231}, @NL80211_ATTR_PMK_LIFETIME={0x8, 0x11f, 0x71}, @NL80211_ATTR_FILS_CACHE_ID={0x6}]}, 0x48}, 0x1, 0x0, 0x0, 0x1}, 0x0) 1.853519302s ago: executing program 2 (id=358): r0 = syz_genetlink_get_family_id$ethtool(&(0x7f00000001c0), 0xffffffffffffffff) r1 = socket$nl_generic(0x10, 0x3, 0x10) recvmmsg(r1, &(0x7f0000000400)=[{{0x0, 0x0, &(0x7f0000000780)=[{&(0x7f0000000200)=""/53}, {&(0x7f0000000240)=""/8}, {&(0x7f00000004c0)=""/191}, {&(0x7f0000000800)=""/124}, {&(0x7f00000007c0)=""/51}, {&(0x7f0000000600)=""/179}, {&(0x7f00000006c0)=""/67}, {&(0x7f0000000740)=""/45}]}}, {{&(0x7f00000002c0)=@pppol2tpv3={0x18, 0x1, {0x0, 0xffffffffffffffff, {0x2, 0x0, @multicast2}}}, 0x80, &(0x7f0000000340), 0x1, &(0x7f0000000380)=""/78, 0x4e}, 0x3}], 0x2c, 0x36000, 0x0) sendmsg$ETHTOOL_MSG_TSINFO_GET(r1, &(0x7f0000000480)={0x0, 0x0, &(0x7f0000000440)={&(0x7f0000000580)=ANY=[@ANYBLOB="14000000", @ANYRES16=r0, @ANYBLOB="a78700000000000000000b"], 0x14}}, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000480)={0x18, 0x2000000000000019, &(0x7f00000000c0)=ANY=[], &(0x7f0000000300)='syzkaller\x00', 0x8, 0xb1, &(0x7f0000000140)=""/177, 0x41000, 0x6, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, &(0x7f00000002c0)={0x8, 0x5}, 0x8, 0x10, &(0x7f0000000240)={0x3, 0x5, 0x3, 0x6}, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x34, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) r3 = syz_open_dev$cec(&(0x7f0000000000), 0x0, 0x0) ioctl$CEC_S_MODE(r3, 0x40046109, &(0x7f0000000140)=0x11) ioctl$CEC_S_MODE(r3, 0x40046109, 0x0) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) r6 = openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0) write$vga_arbiter(r6, 0x0, 0xe) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) rt_sigaction(0xd, &(0x7f0000000180)={&(0x7f0000000000)="ca0000c441f96ec80fc4c60066400fe2def3ad46c7045300101000f00fc01ec422e10399c5c1202066410f6f15040000000000e1f563df", 0xdc000006, 0x0, {[0x0, 0xff]}}, 0x0, 0x8, &(0x7f0000000300)) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) syz_usb_control_io$hid(0xffffffffffffffff, &(0x7f0000001540)={0x14, 0x0, 0x0, &(0x7f0000000040)=ANY=[@ANYBLOB="00220f0005"], 0x0}, 0x0) r8 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000080)='cpu.stat\x00', 0x275a, 0x0) write$UHID_CREATE2(r8, &(0x7f0000000040)=ANY=[], 0x118) mmap(&(0x7f0000000000/0x3000)=nil, 0x3000, 0x5, 0x12, r8, 0x0) sendmmsg$inet6(r7, &(0x7f0000003c00)=[{{0x0, 0x0, 0x0}}], 0x1, 0x0) ioprio_set$uid(0x3, 0x0, 0x0) ioprio_get$uid(0x2, 0x0) 1.434205584s ago: executing program 0 (id=362): bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) (async) r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB="18000000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000000000000b703000000000000850000007300000095"], &(0x7f0000000040)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f0000000600)={r0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe}, 0x4c) 1.433768701s ago: executing program 0 (id=363): mlock(&(0x7f0000000000/0x800000)=nil, 0x800000) (async) seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x0, &(0x7f0000000080)={0x0, &(0x7f00000000c0)}) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async) openat(0xffffffffffffff9c, &(0x7f0000000080)='./bus\x00', 0x165900, 0x42) (async) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) (async) r0 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) read$msr(r0, &(0x7f0000019680)=""/102392, 0x18ff8) (async) syz_usb_connect$cdc_ncm(0x0, 0x72, &(0x7f0000000bc0)=ANY=[@ANYBLOB="1201000002000040257d15a4400001040001090260004201000000090400000102090000052406000105240000000d240f01000004eaffffff1e0006031a00000804800200090581", @ANYBLOB="f7", @ANYRESOCT], 0x0) (async) r1 = gettid() timer_create(0x1, &(0x7f0000533fa0)={0x0, 0x21, 0x800000000004, @tid=r1}, &(0x7f0000bbdffc)) (async) timer_settime(0x0, 0x0, &(0x7f0000000280)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) (async) r2 = syz_open_dev$char_usb(0xc, 0xb4, 0x0) pwritev(r2, &(0x7f0000000080)=[{&(0x7f0000000280)="a27bbe98", 0x4}], 0x1, 0x80, 0x2) (async) fsync(r2) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, 0x0, 0x0) (async) prctl$PR_GET_TSC(0x43, &(0x7f0000000040)) (async) prctl$PR_MCE_KILL(0x43, 0x0, 0x0) (async) r3 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) (async) r4 = syz_init_net_socket$bt_l2cap(0x1f, 0x3, 0x0) connect$bt_l2cap(r4, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xf) connect$bt_l2cap(r3, &(0x7f0000000040)={0x1f, 0x0, @fixed={'\xaa\xaa\xaa\xaa\xaa', 0x10}}, 0xe) (async) r5 = syz_init_net_socket$bt_l2cap(0x1f, 0x5, 0x0) (async) openat(r2, &(0x7f0000000100)='./bus\x00', 0x10200, 0x80) (async) mkdirat$cgroup_root(0xffffff9c, &(0x7f0000000140)='./cgroup.cpu/syz0\x00', 0x1ff) (async) r6 = socket$qrtr(0x2a, 0x2, 0x0) connect$qrtr(r6, &(0x7f0000000000)={0x2a, 0x1}, 0xc) (async) bind$qrtr(r6, &(0x7f00000000c0)={0x2a, 0x1, 0xf0}, 0xc) connect$bt_l2cap(r5, &(0x7f0000000040)={0x1f, 0x2, @fixed}, 0xe) (async) socket$nl_netfilter(0x10, 0x3, 0xc) 1.194938418s ago: executing program 0 (id=364): r0 = socket$kcm(0x10, 0x2, 0x0) socket$inet6_sctp(0xa, 0x1, 0x84) r1 = syz_io_uring_setup(0x4f21, &(0x7f0000000500)={0x0, 0xc541, 0x20, 0x0, 0x800000}, &(0x7f0000000340)=0x0, &(0x7f00000004c0)=0x0) syz_io_uring_submit(r2, r3, &(0x7f00000001c0)=@IORING_OP_TEE={0x21, 0x1, 0x0, @fd=r0, 0x0, 0x0, 0x5, 0x0, 0x1, {0x0, 0x0, r1}}) syz_open_dev$sndctrl(&(0x7f0000000000), 0x0, 0x0) socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0xa4, 0x30, 0x1, 0x0, 0x0, {}, [{0x90, 0x1, [@m_ct={0x44, 0x2, 0x0, 0x0, {{0x7}, {0x1c, 0x2, 0x0, 0x1, [@TCA_CT_PARMS={0x18, 0x1, {0x9d, 0x11e41e7a, 0x20000000, 0x0, 0xf}}]}, {0x4}, {0xc, 0x7, {0x0, 0x1}}, {0xc, 0x8, {0x0, 0x1}}}}, @m_ife={0x48, 0x1, 0x0, 0x0, {{0x8}, {0x20, 0x2, 0x0, 0x1, [@TCA_IFE_PARMS={0x1c}]}, {0x4}, {0xc}, {0xc}}}]}]}, 0xa4}, 0x1, 0x0, 0x0, 0x800}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r4 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r4, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r5, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r6, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r4, 0x8, &(0x7f0000000240)=0x2) recvmmsg(r5, &(0x7f00000000c0), 0x10106, 0x2, 0x0) listen(0xffffffffffffffff, 0xcbe) socket$tipc(0x1e, 0x5, 0x0) r7 = socket$inet6_tcp(0xa, 0x1, 0x0) setsockopt$IP6T_SO_SET_REPLACE(r7, 0x29, 0x40, &(0x7f00000006c0)=@raw={'raw\x00', 0x3c1, 0x3, 0x28c, 0x18c, 0x2b8, 0x182, 0x18c, 0x0, 0x284, 0x3a8, 0x3a8, 0x284, 0x3a8, 0x3, 0x0, {[{{@uncond, 0x0, 0xa4, 0xcc, 0x0, {0x0, 0xe0ffff00000000}}, @common=@inet=@SET1={0x28}}, {{@uncond, 0x0, 0xc8, 0xf8, 0x0, {}, [@inet=@rpfilter={{0x24}}]}, @common=@inet=@SET2={0x30}}], {{'\x00', 0x0, 0xa4, 0xc8}, {0x24}}}}, 0x2e8) r8 = bpf$MAP_CREATE(0x0, &(0x7f0000000580)=@base={0x5, 0x60, 0x43, 0x1, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$BPF_GET_PROG_INFO(0x15, &(0x7f0000000340)={r8, 0xe0, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, ""/16, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff79, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2f, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0}}, 0x6f) accept4(0xffffffffffffffff, 0x0, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) ioctl$TUNSETIFF(0xffffffffffffffff, 0x400454ca, &(0x7f0000000180)={'syzkaller0\x00', 0x7101}) r9 = bpf$PROG_LOAD(0x5, &(0x7f0000000440)={0x11, 0x6, &(0x7f0000000a40)=ANY=[@ANYBLOB="050000000000000061110c00000000008510000002000000850000000800000095000000000000009500a5050000000077d8f3b423cdac8d8000000000000020e16ad10a48b243ccc42606d25dfd73a015e0ca7fc2506a0f68a7d06d10bfe150a7487535f7866907dc6751dfb265a0e3ccae669e173a649c1cfd6587d452d46b7c57d77578f4c35235138d5521f9453559c3421eed73d5661cfeecf9c66c54c3b3ffe1b4ce25d7c983c044c03bf3ff03fe3e26e7a23129d6606fd28a7f9105f82317874b33d96b39fa4e045469989d552af6200000003a00000000000000abecc2f4a3799af2551ce935b0f327cb3f011a7d06602e2fd5234712596b696418f1623ed38ae89d24e14b40234756ddcebfba2f87925bfacba83109753f543ad027edd68149ee99eebc6f7d6dd4aed4afe1f44ccb19e810879b70a70900000000000000000000d7900a820b6327944e9a217b9800e02a92895614cd50cbf83a1ed25268816b004519c9c5cff097d8000000000009d27d753a30a147b24a48435bd8a568669596e9e08679b3ce48e90defb6670c3d6209000000c773713a66b223fa8b148871c8d31d24000025449f106b99893ed20fa7a050fbbef90327e827e513e9606800000000e89f9c85c822a961546ed5363c17ff1432d08806bc376e3e69ee52b59d13182e1f24ed208ada12f7a1525320e71666f472a972d5eb1affb87ba55b2d72078e9f40b4ae7dc3b2aeb0d11cd22c35d32940f19dff00ffffffff080000ff003853e59de7621e348955735264f34b1046a1813668297a7edad187ef106ae7fcbb25090f17d0baadeb8ae190a1fb5a315f8347fb0379659500000000000000000000000000000000000000002fdf0193ec79c90ed210ebc2fbed6d4216770c1b0dec886b388d138c2b69c6aacb714e7264093061c660a5100b7cc165889eb94c8d7c77b6fa06f1a4f8e4a6b6cb37e319c5c22f276b03cae853f42b07ca0b03b1eb32a6b1a81cd511fd0b59d57a11c6a3ebf9731464ad21f07f618efc31023ac60007426162b57e803519954d7c956fda392fa84be38e937d36af1c35138e05a9e8d6dc0272de72c41500000000304402e22af23437126f330f8eb4075daaeae3134ece35cd86d95bd9836bd186c4b6565e967a4e3e86f299b7400994ba136b4eccf3b0f001a266c0d160b3ce1182001d64b52a5ce7f506295d59eea6903b84ffbabf5a5b91c1d6ecce8728a224aec66c610e3becd60a35e848c224f8251947eed20e2b612cb099bfe8924d33ba7f0691fed04a43e9c64b7a1e3165e86cdb9871c678a6bbb14821f441c6c14d1bd78d8ffdfea12c19ea04264335d60b6b7a7da6fb83f33101db32f6ab137d943dd3c1e8db9f3e1263573dc721ae82fe0bc63598751a5092c9f7dbfc39d564834e3703492c2a651643d8ce5c36d97a4812cf73fc8ea0d68d7489cfcb0176"], &(0x7f0000000080)='GPL\x00', 0x5, 0x29e, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x6, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x70) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000040)={&(0x7f0000000000)='kmem_cache_free\x00', r9}, 0xb) 1.004905986s ago: executing program 1 (id=365): mkdirat(0xffffffffffffff9c, &(0x7f0000000140)='./file0/file0\x00', 0x148) mount$tmpfs(0x0, &(0x7f0000000080)='./file0\x00', &(0x7f00000000c0), 0x0, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000100)='./file0/file0\x00', 0x1c0) r0 = socket$packet(0x11, 0x3, 0x300) setsockopt$packet_int(r0, 0x107, 0x8, &(0x7f0000006ffc)=0x4000000000000200, 0x4) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000380)={'geneve1\x00'}) ioctl$vim2m_VIDIOC_S_FMT(0xffffffffffffffff, 0xc0d05605, &(0x7f0000000140)={0x1, @raw_data="fcad46e9d6851cfcf97e4fe496a93cb932c7e40aecf362e07b95484734f02f6a7a50aa3967a15f450ee50cee025fa279fa3cb4a067e3795be7e3d85ba1a927b36e52e8c32dab86577e12ec4c917cfac277aad3151419360969a90e8550b262368f19c2b21c6cd7b3b3a94d82241f98884973d86228a8b12cca8bf93c230a6af4a99008f14496dcff7ce83e1b7331407f0d57cc7956330549576bb1d620ed9f8c08e576bb240a78d6276b9c53dc8f6666bf9fd4f994a503a76c687d3a9b3f63929226014fec406451"}) sched_setscheduler(0x0, 0x3, &(0x7f0000000180)=0x4) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r1 = socket$inet6_icmp_raw(0xa, 0x3, 0x3a) setsockopt$inet6_int(r1, 0x29, 0x19, &(0x7f0000000040)=0x3, 0x4) syz_emit_ethernet(0x6e, &(0x7f0000000480)=ANY=[@ANYRESOCT, @ANYRESOCT=r1], 0x0) sched_setaffinity(0x0, 0x8, &(0x7f0000000200)=0x400000bd2) r2 = syz_open_dev$MSR(&(0x7f00000001c0), 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_PROG_TEST_RUN(0xa, 0x0, 0x0) read$msr(r2, &(0x7f0000019680)=""/102392, 0x18ff8) syz_open_dev$radio(&(0x7f0000000000), 0x3, 0x2) syz_io_uring_setup(0x327a, &(0x7f0000000240)={0x0, 0x66d2, 0x2c, 0x0, 0xef}, 0x0, &(0x7f0000000080)) openat$binderfs(0xffffffffffffff9c, 0x0, 0x0, 0x0) r3 = memfd_create(&(0x7f00000008c0)='\x103q}2\x9a\xce\xaf\x03\xdfy[\xd9\xffR8\xf4\x1c\bi\xe4^\xd5\xfd\xa9\r\xac7A\x94\xa0\x00\x00\x00\x90+\xd6\x05\r\x84\x87\x1c\b\xdb\xe2\x00\x00A\x90m\xb6&\xd0\x9d\x00\x00\xc5\xb8,\f\xd4s\xb2\x99/\xc0\x9a\xf2O\xdb\x00\x00\x00\x00\x00\x00\r\x1b\xd3\xff<\x83z\x80\x8fQ|\xf5d\x10\x10\xd7\x01M\x7fML\x18\'\x1a<\xfee7{l\x16}\xa0I\x7f\xb5)l\xbb\x02\xfa\xb7\xb6\xa0]\xda8\xe0~\x1c \x91\t\x8b\xbd\x1f\xb3834d1i\x9b\x94\xa6\\\x0e\xe2\xfa\xe5!\xd3\xcf\xfc\xce\xba\xe2\x9f\x05xgL5\x14Y+\xb3\x1axi)<\xf7\x98\xc1\xba\xf4|\xe7|\xc4\xd7\x03\x00\x00\x00\x04D\x15E^7%8\x94y\x98\xf0l\xa0\'Q%\xd4\xda\xee\x81}\xcc\xfd\xa2\xe3M~x\x96\xe3]\xd70\xa2\x17\xca\xde\x1b\xaa\xe0l\xfc\x85\x8fc\x1c{|e\x8bs\xb0\x85E\xce;p)\xf8\xa6\xaa&QC4V\x81\x04\xcf\xd2\x81\xdc\xdf\xd7<\x9f\x93\x8bX\xd4\xea\xb2\xff\b\x92\xc7\x00\xef\xff\x00\x93\x1f\x92\xa7dcY\x9c\x9e9O-\xfcF\xbb\xbd{:IR\xea\xd8$\xe2\xa0\xc2\x8b\x1a\xead\xb8\xe1:6\x15M\x1d\xdak\x8c\x909\xd8\xb3\x02\xe0\x04\x9c\xc2\x06|\xf0\x0f\xa6Y&r\x9b\xc7\x1d\xe7jDf\x87@\x8fg\x15RJwe\xe2\xdcunu\xff`\xa40\xce\xffB%\xe4k\xff\x8d\x06\x0e\x89\xd9DC\x9fF\x9c[M=\xe0^\xa8\xed)\xe8Z\xe8\x99&\x87\x04\xa4\t\xaa\xd8\xd6\xd5pG\xcb\xc4\x8b\xf7\xb8#\xcb\xd8|\xa5\xa6S\x8b\x8cv\xb7)\x02k\xf3L\x03\xbb\xfa\xe1\\\xf1\x8cUj\xd5\xa5\x88GL\xe7_\xfd\x17C=G\x0f\xe9u\x1d\xfeg\xfex\xcd\xaa\xad\x906\xd0sy\xc6T\x93\xae\xd5r\xc8G\xc5\xfdS\xff\x04:`\x1e\xe3;l\xcd&\xd4\xf4\x8eum\x04\x00~\xfa\x05\xd7\xe7X\xc7/\xae5\x93wwT\x13\xbd,\xd6\x16\x84\xcd\xd1\xd8\xe1P_\xbf0\xd8\x8d%Yh\xb5\xb4\"\xf5\x93\xdeh\xce\xa5\xe8\xc8\xec\x88\x89\xf07{\x95\xc9\xd0\xee\xe1\x1d\x80\xcc]-\xc2\xa1\x02ELhI\xd9\xf5\xcfk\x8a&i\xc1\xff9T\x8e\xe2rY\xa3\xd2H9\xfe\x0e\x1e\xac\x0f\xc3\xbd{\xd9\xcc\xbe\xa9\x93\xe0\xa4W\x1cn>\xc1\xf1\x9e\"\x93\x19\x19\x1a\xcc\x7fy\xd2~\x05\x99\xe6\x00o\xca\xe0\xc6\xd4\xf5\xa0\xc8P\xd6;\xf3\xc6~E\xacI\xd4\xe9\xa1|>\x91.K\x81\xa9+\xcf\xff\xcb\xfa\x0f\xe7n\x83H\x12\xac\x80\x16\xf8\x87Q\x97Az\n`\xb6\xe13A\xec\x8d(\\D\xec\xa6\t1\xa0h\xfc\x1f\xdd1@-4\xb4:\xf8\xd5wP \x84m\xe2\xd9\xfcb\xa0\xc3\xc9\xe7W\x86\xd7$\xa4ml\xee\x97[\xb7\xfa', 0x0) ftruncate(r3, 0x80079a0) r4 = openat$vicodec0(0xffffffffffffff9c, &(0x7f00000044c0), 0x2, 0x0) r5 = socket$rds(0x15, 0x5, 0x0) setsockopt$RDS_FREE_MR(r5, 0x114, 0x3, 0x0, 0x0) poll(0x0, 0x0, 0x9) ioctl$VIDIOC_EXPBUF(r4, 0xc0405610, &(0x7f0000000000)={0xb, 0x0, 0xfffffff7, 0x84800}) mmap(&(0x7f0000200000/0x400000)=nil, 0x400000, 0xb, 0x2012, r3, 0x0) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) lseek(r3, 0x1003ff, 0x4) 792.506743ms ago: executing program 3 (id=366): r0 = syz_open_procfs(0x0, &(0x7f0000000040)='stack\x00') socket$nl_generic(0x10, 0x3, 0x10) r1 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_MSFILTER(r1, 0x0, 0x30, &(0x7f00000005c0)=ANY=[@ANYBLOB="020000000000000002000000e000000200000000000000000000000000000000000000000000000000000000ef0db4ed344a8240000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006000000000000000000000000000000001c0000000000000000000000000001"], 0x90) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xba, &(0x7f0000000140)=""/186, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) ioctl$vim2m_VIDIOC_REQBUFS(r0, 0xc0145608, &(0x7f0000000240)={0xf, 0x1, 0x2, 0x0, 0xe}) connect$unix(r3, &(0x7f0000002540)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) ioctl$UFFDIO_API(0xffffffffffffffff, 0xc018aa3f, &(0x7f0000000000)) ioctl$UFFDIO_CONTINUE(0xffffffffffffffff, 0xc020aa07, &(0x7f0000000080)={{&(0x7f0000400000/0xc00000)=nil, 0xc00000}}) syz_open_dev$loop(&(0x7f00000001c0), 0x0, 0x0) mkdir(&(0x7f00000002c0)='./file0\x00', 0x0) r5 = socket(0x40000000015, 0x5, 0x0) bind$inet6(r5, &(0x7f0000000040)={0xa, 0x0, 0x0, @loopback}, 0x1c) sendto$inet6(r5, 0x0, 0x0, 0x4, &(0x7f0000000000)={0xa, 0x0, 0x0, @private2, 0x8}, 0x1c) syz_emit_vhci(&(0x7f0000000480)=ANY=[@ANYBLOB="02c91023001f000100114a0200a2c70c2605000900ff03080206040009000900103c04000e000100a9b5fde69e964222000fa132b8d2dcc391c0f6e88825648da5054b7b19f43e3e8a8b2d16d13a87302fe6f30a995e547babdf50c4a47d7fc904307e6cdbe490f06a39626b5abc15f0e373493cf3c5af351bf2ab1245cecd5e19596c718e8055be3b6e41bd236e08245903157e963c666d631dd60e98eccc42f1262795e05be96286b8"], 0x28) sendto$inet6(r5, 0x0, 0x0, 0x0, &(0x7f0000000300)={0xa, 0x4e23, 0x0, @dev={0xfe, 0x80, '\x00', 0x4}, 0xfffffffc}, 0x1c) r6 = syz_open_procfs(0x0, 0x0) mount$9p_virtio(0x0, 0x0, &(0x7f00000000c0), 0x0, &(0x7f0000002380)=ANY=[@ANYBLOB]) read$FUSE(r6, 0x0, 0x0) 482.467547ms ago: executing program 1 (id=367): r0 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f0000000200)={'macvtap0\x00', 0x0}) setsockopt$packet_int(r0, 0x107, 0xf, &(0x7f0000000040)=0x200, 0x4) r2 = socket$packet(0x11, 0x3, 0x300) r3 = bpf$PROG_LOAD(0x5, &(0x7f0000000080)={0x1, 0xe, &(0x7f00000004c0)=ANY=[@ANYBLOB="b702000000000000bfa30000000000000703000000feffff7a0af0fff8ffff1971a4f0ff00000000b7060000080000001e6400000000000045040400010000001704000001000a00b7040000000100006a0af2fe00000000850000001a000000b7000000000000009500000000000000455781a5feee5e1ce784909b849d5550adf200000000000000b61d69f2ffdaa10350e11cb97c8ad51bcda0c4ee6d9674c77404ceb9971e43405d621ffbc9a4fd39b0631f6dde53a9a53608c10556e5734eb84049761471ce540c772e2d9f8004e26f7fcc059c062234d5595f6dba87b81d0806fb0289ce67a66afd9ac3d09e29a9d542ca9d85a5c9c88474895d679838def0a83a733dc6a39b63a5ed69d32394c53361d7480884bd8048a967d9b912ef9f1dcc4ff8546fee53f5b2e7b91c61ced1ebad000000000000e8122a793c080a882add4e1179bd4a44f231b6d753a7be428ba953df4aece69311687f4122073a236c3ad198e3f3a532efa04137d452ff47d2638da3261c8362bb7c7824be6195a66d2e17e122040e11e3bd4a69fc6e8d9f7043e09b9e10dc7777bfae5884e4ba1e9cc4a2bbe99e30816127f46a1aae33d4d63d716c0975e1ce4a655362e7062ff6ab3934555c0184021b829472adefa06d3482c7b2711b98eabdca89b77efd13e6dba4a431ce47910000118093b6cabaa17a57727474e1785ee234835088445aa4a9b677d3d342640e328504aea02a2d727e62b7f097a02dbf8fe1d704765de7482040b2fc3000000000000000008947baeaaf954aff687deaa2f80492461d273ee26d8115cbca081a14cba24788779291745083fccdddc90d7af35c528df8000000d8d79c79ddca066da478c197d4a550470557bc99cca336bd88cd28a5ee651627e3a6fbf6ea53b95ddb64c69c7d8d2f4baddc239828760459564124bad68209d2a1d16ad085886c017679cfcda8b1e152ac1e2bcc5ede5b5687aa418abfa29acd7339e73b2cd185c9eb5fb34fccd20ffa155b16c0c309ed6f6663677df37de0ec0d0f548b273940be5d1fe0bae14d1a76bf741330dacd9cc19c0163bcc93059e8d2d1bfa928e2ba458ecd989cb3581a3f270ad48255ac0dad4923e3e36629589ff6b0ceb3438e4b432dd454c04be2d538aaf60c9f7a7281d32142f2fdbc3d37e5a072b5d7f0a349f1a75f01b5c203d4bdde6ff12de9a37f7fb9a16059ad97e2edefb5e0b0326bd25f6fd1d108efa9d30a9883815654486fe42cf2f676cdbb91f7582ab314be"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000340), 0xfffffffffffffe19, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x42) setsockopt$sock_attach_bpf(r2, 0x1, 0x32, &(0x7f00000008c0)=r3, 0x4) sendto$packet(r0, &(0x7f00000000c0)="3f030e0033e6120306001e0089e9aaa911d7c2290f0086dd1327c9167c64114a1b7880610cc96655b1b141ab059b24d0fbc50df71548a3f6c5609063382a0c1511fdf9435e3ffe46", 0xe94f, 0x0, &(0x7f0000000540)={0x11, 0x0, r1, 0x1, 0x0, 0x6, @multicast}, 0x14) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x9, 0x4, &(0x7f0000000040)=@framed={{0xffffffb4, 0x0, 0x0, 0x0, 0x0, 0x69, 0x11, 0x3e}, [@ldst={0x6}], {0x95, 0x0, 0x74}}, &(0x7f0000003ff6)='GPL\x00', 0x2, 0xfd90, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @cgroup_sock, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) 481.753514ms ago: executing program 1 (id=368): r0 = socket$nl_generic(0x10, 0x3, 0x10) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) r1 = socket$inet6_sctp(0xa, 0x5, 0x84) getsockopt$inet6_int(r1, 0x29, 0x11, 0x0, &(0x7f0000001180)) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x7000004, 0x5d031, 0xffffffffffffffff, 0x0) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) r2 = syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00', 0x0}) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0x98, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x59, 0xe, {{{}, {}, @device_a, @device_b, @initial, {0x0, 0x3}}, 0x0, @default, 0x0, @void, @void, @void, @val={0x4, 0x6, {0x7}}, @void, @void, @val={0x25, 0x3}, @void, @void, @val={0x2d, 0x1a}, @val={0x72, 0x6}, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @crypto_settings=[@NL80211_ATTR_AKM_SUITES={0x10, 0x4c, [0xfac02, 0xfac0c, 0xfac11]}]]}, 0x98}, 0x1, 0x0, 0x0, 0xfe3685db0afff645}, 0x0) r4 = socket$unix(0x1, 0x5, 0x0) bind$unix(r4, &(0x7f0000000a00)=@file={0x1, './file0\x00'}, 0x6e) mount$9p_unix(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x8, &(0x7f0000000400)) socket$nl_generic(0x10, 0x3, 0x10) (async) prctl$PR_SET_SYSCALL_USER_DISPATCH_ON(0x3b, 0x1, 0x0, 0x0, &(0x7f0000006680)) (async) socket$inet6_sctp(0xa, 0x5, 0x84) (async) getsockopt$inet6_int(r1, 0x29, 0x11, 0x0, &(0x7f0000001180)) (async) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x7000004, 0x5d031, 0xffffffffffffffff, 0x0) (async) remap_file_pages(&(0x7f0000800000/0x800000)=nil, 0x800000, 0x0, 0x0, 0x0) (async) syz_genetlink_get_family_id$nl80211(&(0x7f0000000080), 0xffffffffffffffff) (async) ioctl$sock_SIOCGIFINDEX_80211(r0, 0x8933, &(0x7f00000000c0)={'wlan0\x00'}) (async) sendmsg$NL80211_CMD_START_AP(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f0000000200)={&(0x7f0000000600)={0x98, r2, 0x5, 0x0, 0x0, {{}, {@val={0x8, 0x3, r3}, @void}}, [@beacon=[@NL80211_ATTR_BEACON_HEAD={0x59, 0xe, {{{}, {}, @device_a, @device_b, @initial, {0x0, 0x3}}, 0x0, @default, 0x0, @void, @void, @void, @val={0x4, 0x6, {0x7}}, @void, @void, @val={0x25, 0x3}, @void, @void, @val={0x2d, 0x1a}, @val={0x72, 0x6}, @void, @void}}], @NL80211_ATTR_BEACON_INTERVAL={0x8}, @NL80211_ATTR_DTIM_PERIOD={0x8}, @crypto_settings=[@NL80211_ATTR_AKM_SUITES={0x10, 0x4c, [0xfac02, 0xfac0c, 0xfac11]}]]}, 0x98}, 0x1, 0x0, 0x0, 0xfe3685db0afff645}, 0x0) (async) socket$unix(0x1, 0x5, 0x0) (async) bind$unix(r4, &(0x7f0000000a00)=@file={0x1, './file0\x00'}, 0x6e) (async) mount$9p_unix(0x0, &(0x7f0000000380)='./file0\x00', &(0x7f00000003c0), 0x8, &(0x7f0000000400)) (async) 385.47301ms ago: executing program 1 (id=369): sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000000c0)=@newtaction={0x14, 0x30, 0x1}, 0x14}, 0x1, 0x0, 0x0, 0x800}, 0x0) (async) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) r0 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r1 = dup(r0) (async) socketpair$unix(0x1, 0x5, 0x0, &(0x7f0000000300)={0xffffffffffffffff}) ioctl$int_in(r2, 0x5452, &(0x7f0000000180)=0xffffffffffffffff) (async) write$6lowpan_enable(r1, &(0x7f0000000000)='0', 0xfffffd2c) r3 = syz_open_dev$vbi(&(0x7f0000000000), 0x0, 0x2) ioctl$VIDIOC_S_STD(r3, 0x40085618, &(0x7f0000000080)=0xc00000) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000000)={0x26, 'skcipher\x00', 0x0, 0x0, 'ecb-twofish-3way\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000c18000)="ad56b6c5910fae9d6dcd3292ea54c7b6ef915d564c90c200", 0x18) (async) ioctl$BTRFS_IOC_QUOTA_RESCAN_STATUS(r4, 0x8040942d, &(0x7f0000000100)) (async) accept4(r4, 0x0, 0x0, 0x0) (async) io_uring_enter(0xffffffffffffffff, 0x2ded, 0x4000, 0x0, 0x0, 0x0) (async) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) (async) clock_settime(0x0, &(0x7f0000000240)={0x77359400}) (async) clock_adjtime(0x0, &(0x7f0000000640)={0x7, 0x9, 0x380000, 0xc, 0xfffffffffffffff9, 0xfffffffe, 0x9, 0x0, 0xae, 0x5, 0x7, 0x4, 0xfffffffffffff04f, 0x7, 0x80000000, 0xfffffffffffffff8, 0xffffffffffffffff, 0x6, 0x0, 0x100, 0x4, 0x2, 0x5, 0x3, 0x8, 0x4}) clock_adjtime(0x0, &(0x7f0000000900)={0x6, 0xe, 0xf, 0x0, 0xf, 0x8000000000000000, 0xa, 0x2, 0x9, 0x2, 0x4, 0x8000000000000000, 0xc, 0x9, 0x7, 0x9, 0x7, 0x3, 0x8, 0xfffffffffffffffa, 0x0, 0x5, 0x8, 0x7, 0x3, 0x6}) (async) madvise(&(0x7f0000000000/0x600000)=nil, 0x600003, 0x19) r5 = socket(0x1d, 0x3, 0x1) getsockopt$kcm_KCM_RECV_DISABLE(r5, 0x65, 0x7, 0x0, 0x20000000) 322.93766ms ago: executing program 2 (id=370): prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) (async) syz_init_net_socket$bt_sco(0x1f, 0x5, 0x2) (async) socket$nl_netfilter(0x10, 0x3, 0xc) r0 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000180)={0x18, 0x5, &(0x7f0000000280)=ANY=[@ANYBLOB="1801000000000000000000004b64ffed850000006d000000a50000000500000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0xfffffe8a, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000000c0)={&(0x7f0000000080)='sched_switch\x00', r0}, 0x10) (async) syz_open_dev$sg(&(0x7f00000060c0), 0x0, 0x0) (async) capset(&(0x7f0000000300)={0x19980330}, 0x0) r1 = syz_open_dev$sndmidi(&(0x7f0000000040), 0x2, 0x141101) r2 = dup(r1) pselect6(0x0, 0x0, 0x0, &(0x7f00000002c0)={0x3ff, 0x4, 0x10000, 0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x10000}, 0x0, 0x0) (async) write$6lowpan_enable(r2, &(0x7f0000000000)='0', 0xfffffd2c) (async) syz_emit_vhci(0x0, 0xd) (async) bind$inet6(0xffffffffffffffff, 0x0, 0x0) (async) r3 = openat$procfs(0xffffffffffffff9c, &(0x7f0000000000)='/proc/partitions\x00', 0x0, 0x0) (async) r4 = syz_io_uring_setup(0x10f, &(0x7f0000000380)={0x0, 0xffffffff, 0x0, 0x1, 0xd7}, 0x0, 0x0) (async) syz_memcpy_off$IO_URING_METADATA_GENERIC(0x0, 0x80, &(0x7f0000000540)=0x5, 0x0, 0x4) syz_io_uring_submit(0x0, 0x0, &(0x7f00000002c0)=@IORING_OP_WRITEV={0x2, 0x0, 0x2000, @fd=r3, 0x0, 0x0, 0x0, 0x1a}) (async) io_uring_enter(r4, 0x3516, 0x0, 0x0, 0x0, 0x0) (async) landlock_create_ruleset(&(0x7f0000000240)={0x1fff}, 0x10, 0x0) (async) socket$unix(0x1, 0x2, 0x0) r5 = socket$nl_sock_diag(0x10, 0x3, 0x4) sendmsg$DCCPDIAG_GETSOCK(r5, &(0x7f00000012c0)={0x0, 0x0, &(0x7f0000001280)={&(0x7f00000004c0)={0x5c, 0x13, 0x605, 0x0, 0x0, {0x8}, [@INET_DIAG_REQ_BYTECODE={0x10, 0x1, "0856b7fc2bc04c1658e08249"}]}, 0x5c}}, 0x40000c0) (async) r6 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) (async) ioctl$SCSI_IOCTL_SEND_COMMAND(r3, 0x1, &(0x7f0000000400)=ANY=[@ANYBLOB="e30000000000000000000000d4fba65fdd00000000000000161adaf51796d4d7f60f73fefb8683227cef8242f2ca8cd9e7117968e453d47b69de713ecd29b5359ca5019bcf7272335a8d56e75ae30990876789b2bc6657df3829b76397d063abedaa1fede263dabf5e56d9c91cc291a9c6ff2807cb75f4c78be17689c77cded64ea304b760c1ae67b803ee9183238b09283c07d3c5307c230760ee725f646d22d237aab3c67fadf576b42c842383da6e071b8841afd948d366df0c976b323c663feb8537a306821c613e33bc2f85308baaf5692aa6163cf1e442036874d91d47061af2ce392b42c0e2cb3a5216fd35"]) bind$bt_hci(r6, &(0x7f0000000000)={0x1f, 0xffffffffffffffff, 0x3}, 0x6) (async) write$bt_hci(r6, &(0x7f0000000580)=ANY=[@ANYBLOB="5200000002"], 0x8) landlock_restrict_self(0xffffffffffffffff, 0x0) r7 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TIOCSETD(r7, 0x5423, &(0x7f0000000240)=0x7) ioctl$TIOCVHANGUP(r7, 0x5437, 0x2) 321.800444ms ago: executing program 2 (id=371): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000300), 0x0, 0x0) r1 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r2 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000100)={0x6, 0x1f, 0x6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000080)={0x2, 0x5, 0x3}) r4 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x0) r5 = syz_open_dev$dri(&(0x7f0000000180), 0x1, 0x7f8240) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r1, 0xc00464b4, &(0x7f0000000240)={r3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r5, 0xc02064b2, &(0x7f0000000340)={0xda2, 0x8169, 0x6, 0x0, 0x0}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r4, 0xc02064b2, &(0x7f00000000c0)={0xdb, 0x1ff, 0xb}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f00000001c0)={0x15, 0x1, 0x3}) ioctl$DRM_IOCTL_MODE_DESTROY_DUMB(r4, 0xc00464b4, &(0x7f0000000400)={r6}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000040)={0x49, 0x7fff, 0x4}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r2, 0xc02064b2, &(0x7f0000000200)={0x10001, 0x401f, 0x3}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f0000000380)={0xff, 0x3, 0xd83f}) ioctl$DRM_IOCTL_MODE_CREATE_DUMB(r1, 0xc02064b2, &(0x7f00000002c0)={0x8, 0xd7, 0x8}) close_range(r0, 0xffffffffffffffff, 0x0) 319.200463ms ago: executing program 0 (id=372): r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) ioctl$KVM_CREATE_IRQCHIP(r1, 0xae60) r2 = ioctl$KVM_CREATE_VCPU(r1, 0xae41, 0x0) ioctl$EVIOCSKEYCODE_V2(0xffffffffffffffff, 0x40284504, &(0x7f00000004c0)={0x4, 0x15, 0x20, 0x0, "c3fea293681a0fa1ff856aa471fe2617dfb4eb45d73158000000568e00"}) syz_kvm_setup_cpu$x86(0xffffffffffffffff, r2, &(0x7f0000fe8000/0x18000)=nil, &(0x7f0000000100)=[@text64={0x40, &(0x7f0000000200)="f7790066baa00066b86b4266ef66ba420066b8e20066ef0f29902cbb0000c4e2b1ba8c88d9000000666666440f38826b410f7842280f07b8010000000f01d9c4033921820f47a753fd", 0x49}], 0x1, 0x43, 0x0, 0x0) syz_kvm_setup_cpu$x86(r1, 0xffffffffffffffff, &(0x7f0000fe8000/0x18000)=nil, &(0x7f00000001c0)=[@text32={0x20, &(0x7f0000000400)="66e000b8010000000f01c1b94c0300000f32b9be0200000f32b9800000c00f3235000400000f307373baf80cb8185c2989b8dd6a00000f23c80f21f8350c0000000f23f86619820c252566baf80cb89fa7d981ef66bafc0cec0f01c566ba4200b00dee0f01cb", 0x66}], 0x1, 0x0, 0x0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) socket$nl_generic(0x10, 0x3, 0x10) syz_genetlink_get_family_id$mptcp(&(0x7f00000000c0), 0xffffffffffffffff) getsockopt$inet_pktinfo(0xffffffffffffffff, 0x0, 0x8, &(0x7f00000004c0)={0x0, @remote, @dev}, &(0x7f0000000500)=0xc) sendmsg$MPTCP_PM_CMD_ADD_ADDR(r3, &(0x7f0000000180)={0x0, 0x0, 0x0}, 0x0) r4 = socket$inet6(0xa, 0x5, 0x0) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000040)={0x10000, 0x6, 0xeeee0000, 0x1000, &(0x7f0000ff9000/0x1000)=nil}) setsockopt$inet_sctp6_SCTP_SOCKOPT_BINDX_ADD(r4, 0x84, 0x64, &(0x7f0000000100)=[@in={0x2, 0x8, @loopback}], 0x10) sched_setaffinity(0x0, 0x0, 0x0) close(0xffffffffffffffff) openat$sysfs(0xffffff9c, &(0x7f0000000080)='/sys/power/pm_async', 0x48000, 0x108) r5 = syz_open_dev$vim2m(&(0x7f0000000000), 0x47b, 0x2) ioctl$vim2m_VIDIOC_S_CTRL(r5, 0xc008561c, &(0x7f00000002c0)={0x80f0f002, 0x1}) ioctl$KVM_SET_CPUID2(r2, 0x4008ae90, &(0x7f0000000280)={0x1, 0x0, [{0x1, 0x9, 0x6, 0xae, 0x1000, 0xfab9, 0x1000}]}) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) mmap$IORING_OFF_SQ_RING(&(0x7f0000400000/0xc00000)=nil, 0xc00000, 0x0, 0x5d031, 0xffffffffffffffff, 0x0) mmap(&(0x7f0000000000/0xff5000)=nil, 0xff5000, 0x2000002, 0x4ca31, 0xffffffffffffffff, 0x0) ioctl$KVM_SET_VCPU_EVENTS(r2, 0x4400ae8f, &(0x7f0000000140)) ioctl$KVM_RUN(r2, 0xae80, 0x0) 255.487157ms ago: executing program 1 (id=373): syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), 0xffffffffffffffff) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x6, 0x0, 0x33, "0062ba7d82000000000000000000f7ffffff00"}) r1 = syz_open_pts(r0, 0x0) r2 = dup3(r1, r0, 0x0) r3 = socket$nl_generic(0x10, 0x3, 0x10) r4 = syz_genetlink_get_family_id$tipc2(&(0x7f00000041c0), 0xffffffffffffffff) sendmsg$TIPC_NL_BEARER_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x28, r4, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x28}}, 0x0) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17) syz_genetlink_get_family_id$netlbl_cipso(&(0x7f0000000bc0), 0xffffffffffffffff) (async) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x41, 0x0) (async) write$binfmt_aout(r0, &(0x7f00000000c0)=ANY=[], 0xff2e) (async) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000dc0)={0x0, 0x0, 0x6, 0x0, 0x33, "0062ba7d82000000000000000000f7ffffff00"}) (async) syz_open_pts(r0, 0x0) (async) dup3(r1, r0, 0x0) (async) socket$nl_generic(0x10, 0x3, 0x10) (async) syz_genetlink_get_family_id$tipc2(&(0x7f00000041c0), 0xffffffffffffffff) (async) sendmsg$TIPC_NL_BEARER_GET(r3, &(0x7f0000000180)={0x0, 0x0, &(0x7f0000000140)={&(0x7f0000000040)={0x28, r4, 0x1, 0x0, 0x0, {}, [@TIPC_NLA_BEARER={0x14, 0x1, 0x0, 0x1, [@TIPC_NLA_BEARER_NAME={0xd, 0x1, @udp='udp:syz0\x00'}]}]}, 0x28}}, 0x0) (async) ioctl$TIOCSTI(r2, 0x5412, &(0x7f0000000000)=0x17) (async) 252.409184ms ago: executing program 2 (id=374): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000080), 0xffffffffffffffff) sendmsg$TIPC_NL_MON_PEER_GET(r0, &(0x7f0000000080)={0x0, 0x0, &(0x7f0000000040)={&(0x7f0000000300)={0x18, r1, 0x311, 0xfffffffc, 0x0, {}, [@TIPC_NLA_MON={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x4000000}, 0x0) r2 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r3 = syz_genetlink_get_family_id$ieee802154(&(0x7f00000000c0), 0xffffffffffffffff) r4 = openat$cgroup_root(0xffffffffffffff9c, &(0x7f0000000000), 0x200002, 0x0) r5 = openat$cgroup_ro(r4, &(0x7f0000000180)='blkio.throttle.io_service_bytes_recursive\x00', 0x0, 0x0) r6 = openat$cgroup_int(r4, &(0x7f0000000080)='blkio.throttle.write_bps_device\x00', 0x2, 0x0) sendfile(r6, r5, 0x0, 0x100000001) openat(r5, &(0x7f00000001c0)='./file0\x00', 0x101c0, 0x4) sendmsg$IEEE802154_LLSEC_LIST_DEV(r2, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x10000000}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x14, r3, 0x0, 0x70bd2c, 0x25dfdbfb, {}, ["", "", "", "", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x810}, 0x884) 251.057077ms ago: executing program 2 (id=375): r0 = openat$ttyprintk(0xffffffffffffff9c, &(0x7f0000000000), 0x8801, 0x0) ioctl$TCSETAF(r0, 0x5408, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x0, 0x0, "12f3ea420ebf00"}) close_range(r0, r0, 0x2) madvise(&(0x7f0000000000/0x600000)=nil, 0x600000, 0x15) syz_open_procfs$pagemap(0x0, &(0x7f0000000600)) r1 = syz_open_dev$sndpcmp(&(0x7f0000000000), 0x0, 0x0) r2 = socket$inet6(0xa, 0x3, 0x3c) connect$inet6(r2, &(0x7f00000000c0)={0xa, 0x4e24, 0x0, @local, 0x7}, 0x1c) sendmmsg$inet(r2, &(0x7f0000000f00)=[{{0x0, 0x0, &(0x7f0000000180)=[{&(0x7f00000001c0)="2cae1baf930b4569b9ddef9797ffd935c7d80e6466b3e4e62dc960", 0x1b}], 0x1, 0x0, 0x0, 0x900}}], 0x1, 0x24000004) ioctl$SNDRV_PCM_IOCTL_UNLINK(r1, 0x40044160, 0x3) writev(r0, &(0x7f0000000340)=[{&(0x7f0000000780)='\r', 0x1}], 0x1) munlock(&(0x7f0000fee000/0xf000)=nil, 0xf000) 178.110781ms ago: executing program 2 (id=376): mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) socket$netlink(0x10, 0x3, 0x10) (async) socket$netlink(0x10, 0x3, 0x10) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f00000003c0)={0x18, 0x10, &(0x7f00000000c0)=ANY=[], &(0x7f0000000000)='GPL\x00', 0x8, 0xb4, &(0x7f0000000140)=""/180, 0x41000, 0x3, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x37, @void, @value}, 0x94) syz_open_dev$video4linux(&(0x7f0000000000), 0x101, 0x0) openat$vsock(0xffffff9c, &(0x7f00000001c0), 0x40101, 0x0) r0 = openat$kvm(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) (async) setsockopt$inet_mreqn(0xffffffffffffffff, 0x0, 0x0, &(0x7f0000000000)={@multicast1, @local}, 0xc) ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) (async) r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0) syz_genetlink_get_family_id$tipc2(&(0x7f0000000100), 0xffffffffffffffff) r2 = ioctl$KVM_CREATE_VCPU(0xffffffffffffffff, 0xae41, 0x1) ioctl$KVM_SET_USER_MEMORY_REGION(r1, 0x4020ae46, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x2000, &(0x7f0000000000/0x2000)=nil}) ioctl$KVM_NMI(r2, 0xae9a) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0x0, 0x0, &(0x7f00000001c0)='GPL\x00', 0x2ec, 0x0, 0x0, 0x0, 0x2, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000004c0)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) (async) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000004c0)={[0x0, 0x100000000, 0x0, 0x0, 0x0, 0x0, 0x2004c8, 0x8000000, 0x0, 0x0, 0xfffffffffffffffe]}) sendmsg$NL80211_CMD_SET_KEY(r2, &(0x7f0000000480)={&(0x7f0000000080)={0x10, 0x0, 0x0, 0x40}, 0xc, 0x0, 0x1, 0x0, 0x0, 0x4004841}, 0x4810) ioctl$KVM_RUN(r2, 0xae80, 0x0) ioctl$KVM_SET_REGS(r2, 0x4090ae82, &(0x7f00000002c0)={[0x400000000000002, 0x5, 0xfffffffffffffffe, 0x4, 0x2, 0x0, 0xefffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x3], 0x0, 0x41901}) ioctl$KVM_RUN(r2, 0xae80, 0x0) (async) ioctl$KVM_RUN(r2, 0xae80, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) (async) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000640)=0x6) getpid() (async) r3 = getpid() sched_setscheduler(r3, 0x2, &(0x7f0000000200)=0x4) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)) (async) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) (async) connect$unix(r4, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) (async) sendmmsg$unix(r5, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r4, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setaffinity(0x0, 0xfffffffffffffc33, &(0x7f0000000280)=0x2) ioctl$I2C_SMBUS(0xffffffffffffffff, 0x720, &(0x7f0000003080)={0x1, 0x0, 0x6, &(0x7f0000003040)={0x0, "f4e1a230be8f46463fb1a5f1b44f44eaa65e485b747aa95df8c01eaf07677d18bc"}}) 177.549139ms ago: executing program 1 (id=377): r0 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000180)='./binderfs/binder0\x00', 0x0, 0x0) r2 = dup3(r1, r0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f00000003c0)={0x50, 0x0, &(0x7f0000000280)=[@enter_looper, @register_looper, @enter_looper, @reply={0x40406301, {0x0, 0x0, 0x0, 0x0, 0x21, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) bpf$PROG_LOAD(0x5, &(0x7f00000017c0)={0x1, 0xe, &(0x7f0000000200)=ANY=[@ANYBLOB="b700000081000000bfa30000000000000703000009feffff720a00fef8ffffff71a400fe0000000071101000000000001d300200000000004704000001ed030407000000c00000001d440000000000006b0a00fe0000000072030000000a0000e500f9ff000000009500000000000000023bc065b58111c6dfa041b63af4a3912435f1a864a710aad58db6a693002e7f3be361917adef6ee1c8a2a4f8ef1e50becb19bc461e91a7168c50000000190f32050e436fe275daf51efd601b6bf01c8e8b1b526375ec4dd6fcd82e4fe51bef7af9aa0d7d600c095199fe3ff3128e599b0eaebbdbd732c9cc00eec363e4a8f6456e2cc21557c0afc646cb7798b3e6440c2fbdb00a3e35208b0bb0d2cd829e654400e2438ec649dc74a28610643a98d9ec21ead2ed51b104d4d91af25b845d8a7925c3109b151b8b9f75dd08d123deda88c658d42ecbf28bf7076c15b463bebc72f526d8e8afcb913466aaa7f6df70252e79166d858fcd0e06dd31af9612f2460d0b11008e59a5923906f88b53987ad1714e72ba7a54f0c33d39000d06a59ff616276fd9aa58f2477184b6a89adaf17b0a6041bdef728d236619074d6ebdfd1f5089048ddff6da40f9411fe722631cb467600ade70063e5291569b33d21dae356e1c51f03a801be8189679a16da18ec0ae564162a27afea62d84f3a10746443d6438e959532e0617d419c6bc6ea9f2bca4464f56e24e6d2105bd901204a1deeed4155617572652d950ad31928b0b0c3dc2869f478341d02d0f5ad94b081fcd507acb4b9c65fee9d5a17f48a7382f13d000000225d85ae49cee383dc5049076b989b40000000000000da60d2ae20cfb91d6a49964757cdf538f9ce2bdb1ab062cd54e67011d355d84ce97bb0c6b4a595e487efbb2d71cde2c140952f9a0f0bc6980fe78683ac5c0c31032599ddd71063be9261b2e1aab1675b34a26048ef8c126aeef5f510a8f1aded94a129e4aec6f8d9ab06faffc3a15d96c2ea3e2e04cfe031b2875353193f82ade69d0540059fe6c7fe7cd8697502c7596566d674e425da5e87e59602a9f6590521d31d3804b3e0a1053abdc31282dfb15eb6841bb64a1b304502dda787343ce3c953992e4a982f3c48153baae244e7bf37548c7f1a4cad2422ee965a38f7defbd2160242b104e20dc2d9b0c35608d402ccdd9069bd50b994fda7a9de44028d6112a0c2d21b2dc98816106dec28eaeb883418f562ae00003ea96d10f172c0374d6eed826416050000000bfe9b4a9c5a90ff59d54d1f92ecc4e95dd2d18383117c039862198899b212c55318294270a1ad10c80fef7c24d47afce829ba0f85da6d888f18ea40ab959f6074ab2a40d85d15017ab513cdc6c0e57fb1c1ca571380d7b4ead35a385e0b4a26b702396df7e0c1e02b6e4114f244a9bf93f04bf072f0861f7580e69db384ac7eeedcf2ba1a9508f9d6aba582a896a9f1ffa968eacea75caf822a7a63ba34015ea5aacb1188883ad2a3b1832371fe5bc621426d1ed0a4a99702cc1b6912a1e717d29135753208165b9cdbae2ed9dc7358f0ebadde0b727f27feeb744ddcc536cbae315c7d1fe1399562ba6824840bd2951680f6f2f9a6a8346962a350845ffa0d829e4f79adc287906943408e6df3c391e97ba48db0a5adbfd03aac93df8866fb010aec0e92bed1fe39af169d2a466f0db6f3d9436a7d55fc30511d00e10000c95265b2bd83d64a532869d701723fedcbada1ee7baa5b6a686b50f0937f778af083e055f6138a757ebd0ed91124a6b244f9acf41ac5d73a008364e0606a594817031fc2f52c8785fe0721719b3d654026c6ea08b83b5703dad844ceb201ddeb6dc5f6a903792283c42efc54fa84323afc4c10eff462c8843187f1dd48ef3fa293774d582956ff0f40b10ca94f6feeb2893c17888e1cdba94a6ea80c33ead5722c3293a493f1479531dd88261458f40d31fe8df15efaaeea831555877f9538d6ee6ba65893ff1f908ba7554ba583fef3ec7932f5954f31a878e2fae6691d1aee1da02ba516467df3e7d1daac43738012e4fee18a22da19fcdb4c2890cda1f96b952511e3a69d694d625e0b2f808890205f3a6da2819d2f9e77c7c64affa54fec0136cbafa5f6f096753b639a924599c1f69219927ea5301fff0a6063d427f0688430754c02180d61542c2571f983e9673560000000000000000005a7b57f03ca91a01ba2e30ca99e8ebc15ecb4d91675767999d146aef7799738b292fd640dfef6b04d086f737a159d7e0c6e4d81ad64a8bbca48568325b2969e2b15f36b788bce5ccdbaf75c94cb93499f6947a967a7bce14c6de4e7c0660d80010f5c653d22d490cba8c2a4ab595bf4238f18ca428dafc7ac96d404607a0000000051a2104f22e6db5a62b5089c1b45282d38864daa3ae81d6b0968d1d2867b91b7d120617d12d91db2633d6864da40b54783a17aaeb6737c323f9f98e354cc98dcfe23ad01bd1c61563e69ffe1c2c73e16e1461173f359e93d2c5e424c17998809ec8f0232b3955e052a4cecd89008f70314a0bdec86f9b1eb93d491ec86a4555d89fe0120f64c62e8e3ed8bcb45202c3d4bbec8d722824c0ebca8db1ea4a003d2fbdc1f9be78537756ab5bbe4fe9af5d785d0128171c90d9900ce2532b0f9d01c4b45294fbba468df3e1b583cb4e62e754598e47df6bd06431c94bc5d047899fd219f448bf9189c65c9d91eda6b52a373803a9efe44f86909bc90addb7b9aee813df534aac4b3093c91b8068cd84990453f806694d461b76a58d88cf0f520310a1e80dc18cde9ad662eee077515d0a8811922929e085392ab3d1311b8243266d87047f601fa88a0da36b9f302e8262395174328f2482d14008de83070744f143fdec90ba5a82668d5fac114c13955ad6dca5db2231d8ba14c54c47ed04a4b4ace17e357e1d6432399f87a7a14245bbd796a090f3b247b95d37ff40a404bdad74bd20000000000000000000099fef7cd7af3ce64a92f95d89d125b1e641240d7e5e27a3d1f7684448c3e3822d617e205061298b939a191be4b48e169bde2cae3accc5bd40a2968b59c93d35f8e42366fdef9a2abae1cf01ce68abff28861aac8302d268569dd42e194e330c7aaa54ebbcefd23f21ce8153b9926e12e925cb56119df72c7533a48d028ad0c74e2a9478fa3be18a1a2b65079cc1c00000000000000f59dd19e8d525206c0a728cfd42193abe8130bc01a2d69841f3d7799ac04bdc590bb1c89b9c695f163e57343c9bfb59909433c9001c5f8b23e38534a538fc933cac6c2a92d038df638a0f226df9fb857bd414c2cd69985e8053e3dfa41614d7c74d04d8c2471041d17c730fad28395f8d4688898cd58b9d600c851626529bb58aa364b55e73f053450665e7b94ed1012fd7a8139166fd5e59c84f4ab279b1b99c028db4cb9680c8035f967db18de738844da7e260a830c1ffa49f5af3c15423a0e315acb82a3e89218cb314e68fda4d94aa1d815babc13b9fd336d205c5913ef67cf0216e2d81e6127bd9d7fab28800eaab2355992f8ce4cd38add4b272c0bee4076ca4847ffa691cf78fb7ec212bad3bef29f577ea7159b7f3025b3d977ff7c91024cf71126233cb8791c3c"], &(0x7f00000001c0)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, &(0x7f0000000000), 0x0, 0x10, &(0x7f0000000000), 0xfffffffffffffd00, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x48) r3 = syz_genetlink_get_family_id$SEG6(&(0x7f0000000080), r2) sendmsg$SEG6_CMD_SETHMAC(r2, &(0x7f0000000c40)={&(0x7f0000000040)={0x10, 0x0, 0x0, 0x200}, 0xc, &(0x7f0000000140)={&(0x7f0000000100)={0x24, r3, 0x400, 0x70bd29, 0x25dfdbfb, {}, [@SEG6_ATTR_DSTLEN={0x8, 0x2, 0x4}, @SEG6_ATTR_DSTLEN={0x8, 0x2, 0x8}]}, 0x24}, 0x1, 0x0, 0x0, 0x40000}, 0x40) 454.305µs ago: executing program 0 (id=378): r0 = bpf$BPF_BTF_LOAD(0x12, &(0x7f0000000140)={&(0x7f0000000000)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xcf, 0xcf, 0x6, [@datasec={0xa, 0x3, 0x0, 0xf, 0x3, [{0x5, 0x65ba, 0xceb}, {0x3, 0x93, 0x8}, {0x3, 0x2000000, 0x6}], "a4bcdd"}, @func={0xf, 0x0, 0x0, 0xc, 0x2}, @volatile, @enum64={0xc, 0x7, 0x0, 0x13, 0x0, 0x0, [{0x4, 0xfffffff8, 0x8}, {0x3, 0x3ff, 0xe99}, {0x8, 0xb55, 0x2d4}, {0x6, 0xc96}, {0x5, 0x8, 0x6}, {0xc, 0x6, 0xf}, {0x5, 0x7ff, 0x1}]}, @float={0xf, 0x0, 0x0, 0x10, 0x10}, @typedef={0xe, 0x0, 0x0, 0x8, 0x1}, @func={0x1, 0x0, 0x0, 0xc, 0x5}]}, {0x0, [0x0, 0x61, 0x30, 0x2e]}}, &(0x7f00000009c0)=""/4096, 0xee, 0x1000, 0x1, 0xb, 0x10000, @value}, 0x28) (async) r1 = creat(&(0x7f00000001c0)='./file0\x00', 0x0) write(r1, &(0x7f0000000300)='(', 0x1) write$uinput_user_dev(r1, &(0x7f0000000400)={'syz0\x00', {0x7, 0x4, 0x6, 0xfffa}, 0x1d, [0x86, 0xc95a, 0x3, 0x3, 0x80, 0x2, 0x1, 0x7f, 0x5, 0x4d, 0xfffffff2, 0x2, 0xa, 0x3, 0xffff2d37, 0x1dd2, 0x6, 0x7, 0x0, 0x80000001, 0x4, 0x7, 0x3, 0x3c5b, 0x3, 0x24, 0xffffffff, 0x1, 0x1f461e2c, 0x2, 0xe661, 0x4, 0x7, 0x3, 0x7fff, 0x4c74, 0x8f00, 0x642, 0x3, 0xa, 0x0, 0x71, 0x7, 0x7, 0x103, 0x3, 0x5, 0x3c, 0x8f, 0x5, 0x6, 0x3, 0x5, 0x8, 0x3, 0x0, 0x80, 0x0, 0x5, 0xfffffff7, 0x8, 0x4, 0x1, 0x40], [0x10000007, 0xffff, 0x12f, 0x8000, 0x10, 0xfffffff3, 0x129432e6, 0xcb, 0xf6, 0xd, 0x2bf, 0x6c9, 0x9, 0xfffffffc, 0x3, 0x0, 0x7, 0x9, 0x2f, 0xe, 0x101, 0x78, 0xea4, 0xa, 0x4, 0x4, 0x8000, 0x800009, 0x400, 0x1, 0x6, 0xfffffffd, 0xff, 0xffff, 0x9, 0x5f31, 0x0, 0x0, 0x6, 0x2, 0x9, 0x4, 0x9, 0x8, 0x9, 0x6, 0x2, 0x0, 0x1, 0x8000, 0xffff, 0x2, 0x7f, 0x9, 0x5, 0x3, 0x4, 0x1, 0x7, 0x6, 0xb, 0x48c93690, 0x2, 0xff], [0x7, 0x4, 0x0, 0x64e, 0xfffffdfe, 0x7fffffff, 0x8d2, 0x9, 0x6, 0x7fff, 0x0, 0x6, 0xb, 0x4, 0x5, 0x5, 0x0, 0x1f0, 0x5, 0x8, 0x86, 0x8, 0x10000009, 0x3e7, 0x2, 0x2, 0x202, 0x2, 0xf, 0x8, 0x4, 0x6d01, 0x25, 0x3b, 0x3, 0x200, 0x80, 0x3, 0x4, 0x2950bfaf, 0x7, 0xa2, 0x7, 0x53cf697b, 0x5, 0x6, 0x54fe12d2, 0xbf, 0xb, 0x3, 0x400000, 0xfffffff9, 0x1, 0x1, 0x5, 0x1, 0x5, 0x0, 0x120000, 0x3, 0x6, 0x9, 0x5, 0x3], [0x9, 0xbb31, 0x3, 0xb, 0x5, 0x938, 0x6, 0x6, 0x0, 0x5, 0xce7, 0x1ff, 0x6, 0x7, 0x5, 0x2, 0x101, 0x10000, 0x6, 0x7fff, 0xffff, 0xa620, 0x2, 0x5, 0x1, 0x2, 0x7, 0x60a7, 0x6, 0x6, 0xffffffff, 0x80000000, 0x805, 0x8, 0xc8, 0xca2, 0x3, 0xffff, 0x3, 0x9, 0x100, 0x9602, 0xa, 0x2, 0x4, 0x6, 0x1, 0x10000, 0x5, 0x8, 0x2b91, 0xa1f, 0x8, 0x80000009, 0x1, 0x6c1b, 0x0, 0x4, 0x8, 0xb1c, 0x1, 0x200, 0xffff3441, 0xfff]}, 0x45c) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x0, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="180100001c00000000000000000000fd840000006d00000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x8e, '\x00', 0x0, 0x2, r0, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0xffffffff, @void, @value}, 0x94) (async) r2 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x11, 0x4, &(0x7f00000002c0)=ANY=[], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f0000000980)='sys_exit\x00', r2}, 0x10) (async) membarrier(0x10, 0x0) membarrier(0x8, 0x0) 0s ago: executing program 0 (id=379): r0 = socket$inet_sctp(0x2, 0x5, 0x84) shutdown(r0, 0x0) getsockopt$inet_sctp_SCTP_SOCKOPT_CONNECTX3(r0, 0x84, 0x6f, &(0x7f0000000100)={0x0, 0x10, &(0x7f0000000300)=[@in={0x2, 0x0, @initdev={0xac, 0x1e, 0x0, 0x0}}]}, &(0x7f0000000080)=0x10) getsockopt$inet_sctp_SCTP_SOCKOPT_PEELOFF(r0, 0x84, 0x66, &(0x7f0000000040)={r1}, &(0x7f00000000c0)=0x8) bpf$MAP_CREATE(0x0, &(0x7f0000000100)=@base={0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r2 = syz_init_net_socket$ax25(0x3, 0x2, 0x0) connect$ax25(r2, &(0x7f0000000100)={{0x3, @bcast, 0x4}, [@rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @bcast, @bcast, @netrom={0xbb, 0xbb, 0xbb, 0xbb, 0xbb, 0x0, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x3}, @default, @rose={0xbb, 0xbb, 0xbb, 0x1, 0x0}, @remote={0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0xcc, 0x2}]}, 0x48) listen(r0, 0x9) listen(r0, 0x1) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:61995' (ED25519) to the list of known hosts. [ 33.305678][ T5857] cgroup: Unknown subsys name 'net' [ 33.476608][ T5857] cgroup: Unknown subsys name 'cpuset' [ 33.479551][ T5857] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 34.282820][ T5857] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 36.235248][ T5938] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 36.248622][ T5948] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 36.251288][ T5948] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 36.254282][ T5948] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 36.256925][ T5948] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 36.259718][ T5948] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 36.262362][ T5948] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 36.265385][ T5948] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 36.267714][ T5948] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 36.270344][ T5948] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 36.272915][ T5948] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 36.276211][ T5948] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 36.277866][ T5949] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 36.279034][ T5948] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 36.283856][ T5948] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 36.284088][ T5951] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 36.288367][ T5951] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 36.290824][ T65] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 36.291297][ T5948] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 36.292732][ T65] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 36.294792][ T5952] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 36.295574][ T5952] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 36.295655][ T5948] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 36.304847][ T65] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 36.469701][ T5943] chnl_net:caif_netlink_parms(): no params data found [ 36.513182][ T5937] chnl_net:caif_netlink_parms(): no params data found [ 36.564795][ T5940] chnl_net:caif_netlink_parms(): no params data found [ 36.580949][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.583332][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.586793][ T5943] bridge_slave_0: entered allmulticast mode [ 36.588829][ T5943] bridge_slave_0: entered promiscuous mode [ 36.615098][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.617197][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.619377][ T5943] bridge_slave_1: entered allmulticast mode [ 36.621813][ T5943] bridge_slave_1: entered promiscuous mode [ 36.652577][ T5946] chnl_net:caif_netlink_parms(): no params data found [ 36.655628][ T5937] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.657748][ T5937] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.659923][ T5937] bridge_slave_0: entered allmulticast mode [ 36.661821][ T5937] bridge_slave_0: entered promiscuous mode [ 36.677269][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 36.681661][ T5937] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.683546][ T5937] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.685502][ T5937] bridge_slave_1: entered allmulticast mode [ 36.687729][ T5937] bridge_slave_1: entered promiscuous mode [ 36.715391][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.736017][ T5937] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 36.738812][ T5940] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.740693][ T5940] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.742557][ T5940] bridge_slave_0: entered allmulticast mode [ 36.744949][ T5940] bridge_slave_0: entered promiscuous mode [ 36.776353][ T5937] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.790080][ T5940] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.792568][ T5940] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.795199][ T5940] bridge_slave_1: entered allmulticast mode [ 36.797933][ T5940] bridge_slave_1: entered promiscuous mode [ 36.833159][ T5943] team0: Port device team_slave_0 added [ 36.844791][ T5937] team0: Port device team_slave_0 added [ 36.857444][ T5943] team0: Port device team_slave_1 added [ 36.860866][ T5940] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 36.872359][ T5946] bridge0: port 1(bridge_slave_0) entered blocking state [ 36.874322][ T5946] bridge0: port 1(bridge_slave_0) entered disabled state [ 36.876212][ T5946] bridge_slave_0: entered allmulticast mode [ 36.878129][ T5946] bridge_slave_0: entered promiscuous mode [ 36.881664][ T5937] team0: Port device team_slave_1 added [ 36.900655][ T5940] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 36.903215][ T5946] bridge0: port 2(bridge_slave_1) entered blocking state [ 36.905104][ T5946] bridge0: port 2(bridge_slave_1) entered disabled state [ 36.906976][ T5946] bridge_slave_1: entered allmulticast mode [ 36.908929][ T5946] bridge_slave_1: entered promiscuous mode [ 36.940644][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.942423][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.950373][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.973060][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 36.975080][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.981619][ T5937] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 36.985472][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 36.987374][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 36.994134][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 37.011054][ T5940] team0: Port device team_slave_0 added [ 37.013988][ T5940] team0: Port device team_slave_1 added [ 37.016344][ T5946] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 37.018884][ T5937] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 37.020680][ T5937] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.027125][ T5937] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 37.035401][ T5946] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 37.056985][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 37.059360][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.068669][ T5940] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 37.072104][ T5940] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 37.074556][ T5940] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.081579][ T5940] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 37.126175][ T5946] team0: Port device team_slave_0 added [ 37.147737][ T5937] hsr_slave_0: entered promiscuous mode [ 37.149735][ T5937] hsr_slave_1: entered promiscuous mode [ 37.153994][ T5943] hsr_slave_0: entered promiscuous mode [ 37.155875][ T5943] hsr_slave_1: entered promiscuous mode [ 37.157612][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 37.159700][ T5943] Cannot create hsr debugfs directory [ 37.162764][ T5946] team0: Port device team_slave_1 added [ 37.188465][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 37.190304][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.197064][ T5946] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 37.220228][ T5940] hsr_slave_0: entered promiscuous mode [ 37.222212][ T5940] hsr_slave_1: entered promiscuous mode [ 37.225203][ T5940] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 37.227147][ T5940] Cannot create hsr debugfs directory [ 37.228774][ T5946] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 37.230547][ T5946] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 37.237140][ T5946] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 37.332476][ T5946] hsr_slave_0: entered promiscuous mode [ 37.335392][ T5946] hsr_slave_1: entered promiscuous mode [ 37.337537][ T5946] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 37.340019][ T5946] Cannot create hsr debugfs directory [ 37.539081][ T5937] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 37.543425][ T5937] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 37.550769][ T5937] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 37.558506][ T5937] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 37.567948][ T5943] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 37.574943][ T5943] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 37.577917][ T5943] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 37.581092][ T5943] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 37.603164][ T5940] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 37.608794][ T5940] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 37.611944][ T5940] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 37.617196][ T5940] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 37.639120][ T5946] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 37.643591][ T5946] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 37.649345][ T5946] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 37.652505][ T5946] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 37.724532][ T5937] 8021q: adding VLAN 0 to HW filter on device bond0 [ 37.730881][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 37.741363][ T5940] 8021q: adding VLAN 0 to HW filter on device bond0 [ 37.747894][ T5937] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.757905][ T5943] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.762106][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.764132][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.770812][ T5946] 8021q: adding VLAN 0 to HW filter on device bond0 [ 37.777308][ T12] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.779165][ T12] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.781777][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.783677][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.787757][ T5940] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.792121][ T12] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.794027][ T12] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.808771][ T63] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.810652][ T63] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.815022][ T5946] 8021q: adding VLAN 0 to HW filter on device team0 [ 37.822180][ T63] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.824846][ T63] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.837454][ T1251] bridge0: port 1(bridge_slave_0) entered blocking state [ 37.839340][ T1251] bridge0: port 1(bridge_slave_0) entered forwarding state [ 37.845630][ T1251] bridge0: port 2(bridge_slave_1) entered blocking state [ 37.847795][ T1251] bridge0: port 2(bridge_slave_1) entered forwarding state [ 37.944947][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.956752][ T5937] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.978519][ T5940] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.983060][ T5943] veth0_vlan: entered promiscuous mode [ 37.987607][ T5946] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 37.995634][ T5943] veth1_vlan: entered promiscuous mode [ 38.003387][ T5937] veth0_vlan: entered promiscuous mode [ 38.011994][ T5943] veth0_macvtap: entered promiscuous mode [ 38.016151][ T5943] veth1_macvtap: entered promiscuous mode [ 38.022099][ T5937] veth1_vlan: entered promiscuous mode [ 38.032989][ T5946] veth0_vlan: entered promiscuous mode [ 38.042785][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 38.050860][ T5940] veth0_vlan: entered promiscuous mode [ 38.054533][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 38.059674][ T5937] veth0_macvtap: entered promiscuous mode [ 38.062922][ T5946] veth1_vlan: entered promiscuous mode [ 38.068137][ T5937] veth1_macvtap: entered promiscuous mode [ 38.070938][ T5943] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.073315][ T5943] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.077236][ T5943] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.079504][ T5943] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.085312][ T5940] veth1_vlan: entered promiscuous mode [ 38.106202][ T5946] veth0_macvtap: entered promiscuous mode [ 38.113988][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 38.116868][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.119971][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 38.122941][ T5946] veth1_macvtap: entered promiscuous mode [ 38.132874][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 38.136222][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.138756][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 38.141425][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.145288][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 38.156303][ T5937] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 38.159048][ T5937] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.162060][ T5937] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 38.164877][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 38.168386][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.171689][ T5946] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 38.175695][ T5946] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.178946][ T5946] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 38.182228][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.185112][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.186131][ T5940] veth0_macvtap: entered promiscuous mode [ 38.190728][ T5937] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.193008][ T5937] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.195464][ T5937] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.198423][ T5937] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.207465][ T5946] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.209780][ T5946] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.212023][ T5946] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.214470][ T5946] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.221381][ T5940] veth1_macvtap: entered promiscuous mode [ 38.233346][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.235759][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.261322][ T63] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.262302][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 38.263378][ T63] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.268698][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.272231][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 38.276532][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.280082][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 38.283528][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.288068][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 38.296131][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 38.298917][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.301375][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 38.304373][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.306959][ T5940] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 38.309664][ T5940] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 38.313532][ T5940] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 38.319415][ T5943] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 38.322423][ T5940] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.326508][ T5940] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.329407][ T5940] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.332318][ T5940] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 38.344945][ T5952] Bluetooth: hci2: command tx timeout [ 38.344949][ T5938] Bluetooth: hci3: command tx timeout [ 38.344970][ T65] Bluetooth: hci1: command tx timeout [ 38.345008][ T5942] Bluetooth: hci0: command tx timeout [ 38.359040][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.361214][ T74] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.361951][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.366110][ T74] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.385704][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.389732][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.424172][ T12] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.426197][ T12] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.446029][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 38.447800][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 38.465923][ T6004] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4'. [ 38.468914][ T6004] netlink: 56 bytes leftover after parsing attributes in process `syz.3.4'. [ 38.533780][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 38.535972][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 38.560147][ T6014] netlink: 28 bytes leftover after parsing attributes in process `syz.1.5'. [ 38.603759][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 38.606402][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 38.639365][ T6016] loop9: detected capacity change from 0 to 6 [ 38.646402][ T6016] Dev loop9: unable to read RDB block 6 [ 38.648045][ T6016] loop9: unable to read partition table [ 38.649896][ T6016] loop9: partition table beyond EOD, truncated [ 38.651938][ T6016] loop_reread_partitions: partition scan of loop9 (被xڬdƤݡ [ 38.651938][ T6016] ) failed (rc=-5) [ 38.683009][ T6020] netlink: 4 bytes leftover after parsing attributes in process `syz.2.3'. [ 38.699268][ T6019] netlink: 'syz.1.6': attribute type 7 has an invalid length. [ 38.725180][ T6016] Dev loop9: unable to read RDB block 6 [ 38.726768][ T6016] loop9: unable to read partition table [ 38.728389][ T6016] loop9: partition table beyond EOD, truncated [ 38.730112][ T6016] loop_reread_partitions: partition scan of loop9 (被xڬdƤݡ [ 38.730112][ T6016] ) failed (rc=-5) [ 39.083912][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 39.124209][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 39.143805][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 39.146034][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 39.175329][ T6029] netlink: 4 bytes leftover after parsing attributes in process `syz.1.9'. [ 39.313777][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 39.354027][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 39.615849][ T6043] process 'syz.1.11' launched './file2' with NULL argv: empty string added [ 39.689080][ T6053] netlink: 'syz.2.14': attribute type 7 has an invalid length. [ 39.691256][ T6053] netlink: 140 bytes leftover after parsing attributes in process `syz.2.14'. [ 40.122401][ T6085] CUSE: DEVNAME unspecified [ 40.424628][ T65] Bluetooth: hci3: command tx timeout [ 40.426739][ T65] Bluetooth: hci0: command tx timeout [ 40.428214][ T65] Bluetooth: hci1: command tx timeout [ 40.428758][ T5952] Bluetooth: hci2: command tx timeout [ 40.915003][ T6119] 9pnet_fd: Insufficient options for proto=fd [ 40.965226][ T6120] pim6reg1: entered promiscuous mode [ 40.967235][ T6120] pim6reg1: entered allmulticast mode [ 41.973757][ T35] hid-generic 0000:0000:0000.0002: unknown main item tag 0x0 [ 41.979209][ T35] hid-generic 0000:0000:0000.0002: hidraw1: HID v0.00 Device [syz0] on syz0 [ 42.223760][ T8] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 42.274742][ T6153] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 42.376521][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 255, changing to 11 [ 42.379616][ T8] usb 5-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid maxpacket 59391, setting to 1024 [ 42.382621][ T8] usb 5-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 42.386143][ T8] usb 5-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 42.389070][ T8] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 42.396566][ T8] usb 5-1: config 0 descriptor?? [ 42.399469][ T6144] raw-gadget.0 gadget.0: fail, usb_ep_enable returned -22 [ 42.503995][ T5952] Bluetooth: hci1: command tx timeout [ 42.504081][ T5942] Bluetooth: hci2: command tx timeout [ 42.505328][ T65] Bluetooth: hci3: command tx timeout [ 42.505416][ T5938] Bluetooth: hci0: command tx timeout [ 42.740421][ T6156] syz.2.34 (6156): drop_caches: 4 [ 42.811022][ T8] plantronics 0003:047F:FFFF.0003: unknown main item tag 0xd [ 42.816480][ T8] plantronics 0003:047F:FFFF.0003: No inputs registered, leaving [ 42.826207][ T8] plantronics 0003:047F:FFFF.0003: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.0-1/input0 [ 43.024144][ T6000] e1000 0000:00:06.0 eth0: Reset adapter [ 43.069956][ T35] usb 5-1: USB disconnect, device number 2 [ 44.584728][ T5942] Bluetooth: hci0: command tx timeout [ 44.584765][ T5952] Bluetooth: hci3: command tx timeout [ 44.586459][ T5942] Bluetooth: hci1: command tx timeout [ 44.588339][ T5952] Bluetooth: hci2: command tx timeout [ 45.224755][ T832] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX [ 56.168386][ T6232] capability: warning: `syz.3.47' uses 32-bit capabilities (legacy support in use) [ 56.413762][ T832] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 56.586949][ T832] usb 7-1: Using ep0 maxpacket: 32 [ 56.592659][ T832] usb 7-1: config index 0 descriptor too short (expected 29220, got 36) [ 56.595849][ T832] usb 7-1: config 0 has too many interfaces: 81, using maximum allowed: 32 [ 56.598996][ T832] usb 7-1: config 0 has 1 interface, different from the descriptor's value: 81 [ 56.602503][ T832] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x1 has invalid wMaxPacketSize 0 [ 56.608441][ T832] usb 7-1: config 0 interface 0 altsetting 0 bulk endpoint 0x1 has invalid maxpacket 0 [ 56.612071][ T832] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x82 has invalid wMaxPacketSize 0 [ 56.618789][ T832] usb 7-1: config 0 interface 0 altsetting 0 has 2 endpoint descriptors, different from the interface descriptor's value: 18 [ 56.693584][ T832] usb 7-1: New USB device found, idVendor=03f0, idProduct=6c17, bcdDevice= 0.40 [ 56.696799][ T832] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 56.700903][ T832] usb 7-1: config 0 descriptor?? [ 57.334455][ T5999] IPVS: starting estimator thread 0... [ 57.419087][ T6261] overlayfs: upper fs does not support RENAME_WHITEOUT. [ 57.421107][ T6261] overlayfs: failed to set xattr on upper [ 57.422691][ T6261] overlayfs: ...falling back to redirect_dir=nofollow. [ 57.424656][ T6261] overlayfs: ...falling back to index=off. [ 57.426301][ T6261] overlayfs: ...falling back to uuid=null. [ 57.433773][ T6256] IPVS: using max 38 ests per chain, 91200 per kthread [ 57.910810][ T6272] xt_CT: No such helper "pptp" [ 57.973854][ T5944] usb 6-1: new full-speed USB device number 2 using dummy_hcd [ 58.136370][ T5944] usb 6-1: config 1 interface 0 altsetting 9 endpoint 0x1 has invalid wMaxPacketSize 0 [ 58.139483][ T5944] usb 6-1: config 1 interface 0 altsetting 9 has 2 endpoint descriptors, different from the interface descriptor's value: 1 [ 58.144542][ T5944] usb 6-1: config 1 interface 0 has no altsetting 0 [ 58.149034][ T5944] usb 6-1: New USB device found, idVendor=0525, idProduct=a4a8, bcdDevice= 0.40 [ 58.152044][ T5944] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 58.154706][ T5944] usb 6-1: Product: syz [ 58.156788][ T5944] usb 6-1: Manufacturer: 䀊 [ 58.158558][ T5944] usb 6-1: SerialNumber: syz [ 58.162135][ T6265] raw-gadget.1 gadget.1: fail, usb_ep_enable returned -22 [ 58.576583][ T5944] usb 6-1: USB disconnect, device number 2 [ 58.988208][ T6292] all: renamed from bridge_slave_0 (while UP) [ 58.992418][ T6292] IPv6: Can't replace route, no match found [ 59.109691][ T6295] netlink: 'syz.3.59': attribute type 12 has an invalid length. [ 59.186574][ T35] usb 7-1: USB disconnect, device number 2 [ 59.224581][ T6300] netlink: 'syz.1.61': attribute type 39 has an invalid length. [ 59.275736][ T6302] input: syz0 as /devices/virtual/input/input6 [ 59.842311][ T6288] dccp_close: ABORT with 15612 bytes unread [ 60.055829][ T6317] netlink: 'syz.0.66': attribute type 7 has an invalid length. [ 60.114833][ T6321] overlay: Unknown parameter 'subj_role' [ 60.136115][ T6321] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 60.151572][ T6321] evm: overlay not supported [ 60.379161][ T6328] netlink: 12 bytes leftover after parsing attributes in process `syz.3.68'. [ 60.547390][ T6332] 9pnet_fd: Insufficient options for proto=fd [ 61.432470][ T6345] netlink: set zone limit has 8 unknown bytes [ 61.793749][ T5938] Bluetooth: hci3: command 0x0405 tx timeout [ 62.344294][ T6357] input: syz1 as /devices/virtual/input/input7 [ 62.386315][ T6364] netlink: 'syz.1.77': attribute type 21 has an invalid length. [ 62.389397][ T6364] netlink: 'syz.1.77': attribute type 6 has an invalid length. [ 62.391891][ T6364] netlink: 132 bytes leftover after parsing attributes in process `syz.1.77'. [ 62.446127][ T6367] tmpfs: Unknown parameter 'ussquota' [ 62.807132][ T35] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 62.955761][ T35] usb 6-1: config 0 interface 0 altsetting 0 has an endpoint descriptor with address 0xFF, changing to 0x8F [ 62.959275][ T35] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x8F has an invalid bInterval 0, changing to 7 [ 62.976714][ T35] usb 6-1: config 0 interface 0 altsetting 0 has 1 endpoint descriptor, different from the interface descriptor's value: 21 [ 62.999470][ T35] usb 6-1: New USB device found, idVendor=047f, idProduct=ffff, bcdDevice= 0.00 [ 63.013862][ T35] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 63.026291][ T35] usb 6-1: config 0 descriptor?? [ 63.086288][ T6386] netlink: 4 bytes leftover after parsing attributes in process `syz.3.82'. [ 63.523462][ T35] plantronics 0003:047F:FFFF.0004: ignoring exceeding usage max [ 63.545612][ T35] plantronics 0003:047F:FFFF.0004: No inputs registered, leaving [ 63.559835][ T35] plantronics 0003:047F:FFFF.0004: hiddev0,hidraw1: USB HID v0.40 Device [HID 047f:ffff] on usb-dummy_hcd.1-1/input0 [ 63.761290][ T6394] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 63.776826][ T6394] infiniband syz1: RDMA CMA: cma_listen_on_dev, error -98 [ 63.863770][ T5938] Bluetooth: hci3: command 0x0405 tx timeout [ 64.381308][ T6421] smc: net device wg0 applied user defined pnetid SYZP [ 64.419163][ T6427] netlink: 24 bytes leftover after parsing attributes in process `syz.0.90'. [ 65.108827][ T6432] vivid-002: ================= START STATUS ================= [ 65.112750][ T6432] vivid-002: Radio HW Seek Mode: Bounded [ 65.114779][ T6432] vivid-002: Radio Programmable HW Seek: false [ 65.116864][ T6432] vivid-002: RDS Rx I/O Mode: Block I/O [ 65.118436][ T6432] vivid-002: Generate RBDS Instead of RDS: false [ 65.120364][ T6432] vivid-002: RDS Reception: true [ 65.121679][ T6432] vivid-002: RDS Program Type: 0 inactive [ 65.125650][ T6432] vivid-002: RDS PS Name: inactive [ 65.127545][ T6432] vivid-002: RDS Radio Text: inactive [ 65.129468][ T6432] vivid-002: RDS Traffic Announcement: false inactive [ 65.131672][ T6432] vivid-002: RDS Traffic Program: false inactive [ 65.134885][ T6432] vivid-002: RDS Music: false inactive [ 65.136382][ T6432] vivid-002: ================== END STATUS ================== [ 65.335239][ T69] usb 6-1: reset high-speed USB device number 3 using dummy_hcd [ 65.391481][ T6448] netlink: 24 bytes leftover after parsing attributes in process `syz.0.95'. [ 65.441619][ T6453] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 66.247597][ T832] usb 6-1: USB disconnect, device number 3 [ 66.314093][ T6463] Bluetooth: MGMT ver 1.23 [ 66.424279][ T6470] program syz.1.102 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 66.444922][ T6470] Bluetooth: MGMT ver 1.23 [ 66.450300][ T6470] program syz.1.102 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 67.840530][ T6508] Zero length message leads to an empty skb [ 68.804221][ T6529] overlay: ./file0 is not a directory [ 69.272668][ T6544] mac80211_hwsim: wmediumd released netlink socket, switching to perfect channel medium [ 70.368356][ T6555] sctp: [Deprecated]: syz.2.123 (pid 6555) Use of struct sctp_assoc_value in delayed_ack socket option. [ 70.368356][ T6555] Use struct sctp_sack_info instead [ 70.378836][ T6555] netlink: 53 bytes leftover after parsing attributes in process `syz.2.123'. [ 70.381554][ T6555] netlink: 12 bytes leftover after parsing attributes in process `syz.2.123'. [ 70.528477][ T6563] netlink: 16 bytes leftover after parsing attributes in process `syz.2.126'. [ 70.647238][ T6577] netlink: 8 bytes leftover after parsing attributes in process `syz.3.130'. [ 70.668063][ T1412] ieee802154 phy0 wpan0: encryption failed: -22 [ 70.669989][ T1412] ieee802154 phy1 wpan1: encryption failed: -22 [ 70.684595][ T6579] capability: warning: `syz.3.131' uses deprecated v2 capabilities in a way that may be insecure [ 71.211104][ T6599] netlink: 24 bytes leftover after parsing attributes in process `syz.3.134'. [ 71.533959][ T6631] bpf: Bad value for 'gid' [ 71.764169][ T9] usb 6-1: new high-speed USB device number 4 using dummy_hcd [ 71.861036][ T30] usb 5-1: new full-speed USB device number 3 using dummy_hcd [ 71.913715][ T9] usb 6-1: Using ep0 maxpacket: 8 [ 71.917770][ T9] usb 6-1: config 0 interface 0 altsetting 0 endpoint 0x82 has an invalid bInterval 0, changing to 7 [ 71.920553][ T9] usb 6-1: New USB device found, idVendor=07c0, idProduct=1512, bcdDevice=30.22 [ 71.922835][ T9] usb 6-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 71.934902][ T9] usb 6-1: config 0 descriptor?? [ 71.965890][ T6648] netlink: 'syz.3.141': attribute type 21 has an invalid length. [ 72.140859][ T9] iowarrior 6-1:0.0: IOWarrior product=0x1512, serial= interface=0 now attached to iowarrior0 [ 72.211417][ T6650] netlink: 248 bytes leftover after parsing attributes in process `syz.2.142'. [ 72.239889][ T6655] vhci_hcd vhci_hcd.0: pdev(2) rhport(0) sockfd(3) [ 72.241742][ T6655] vhci_hcd vhci_hcd.0: devid(0) speed(5) speed_str(super-speed) [ 72.244551][ T6655] vhci_hcd vhci_hcd.0: Device attached [ 72.246894][ T6656] usbip_core: unknown command [ 72.248466][ T6656] vhci_hcd: unknown pdu 67108864 [ 72.249763][ T6656] usbip_core: unknown command [ 72.252214][ T102] vhci_hcd: stop threads [ 72.255063][ T102] vhci_hcd: release socket [ 72.256727][ T102] vhci_hcd: disconnect device [ 72.400472][ T6033] usb 6-1: USB disconnect, device number 4 [ 72.815169][ T6676] A link change request failed with some changes committed already. Interface xfrm0 may have been left with an inconsistent configuration, please check. [ 72.856147][ T6680] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(7) [ 72.858046][ T6680] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 72.861164][ T6680] vhci_hcd vhci_hcd.0: Device attached [ 72.952432][ T6690] futex_wake_op: syz.2.153 tries to shift op by 36; fix this program [ 73.003754][ T35] psmouse serio2: Failed to reset mouse on : -5 [ 73.033729][ T6033] vhci_hcd: vhci_device speed not set [ 73.093796][ T6033] usb 43-1: new full-speed USB device number 2 using vhci_hcd [ 73.616410][ T6682] vhci_hcd: connection reset by peer [ 73.619860][ T102] vhci_hcd: stop threads [ 73.621115][ T102] vhci_hcd: release socket [ 73.623356][ T102] vhci_hcd: disconnect device [ 73.657303][ T6699] netlink: 'syz.3.155': attribute type 1 has an invalid length. [ 73.659352][ T6699] netlink: 'syz.3.155': attribute type 1 has an invalid length. [ 74.335144][ T6706] netlink: 168864 bytes leftover after parsing attributes in process `syz.2.158'. [ 74.337493][ T6706] openvswitch: netlink: Message has 44053 unknown bytes. [ 74.342021][ T39] audit: type=1326 audit(1733674216.646:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6705 comm="syz.2.158" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0 [ 74.799496][ T6726] netlink: 1284 bytes leftover after parsing attributes in process `syz.3.162'. [ 74.856027][ T6729] netdevsim netdevsim3 netdevsim3 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 74.921460][ T6729] netdevsim netdevsim3 netdevsim2 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.033789][ T6729] netdevsim netdevsim3 netdevsim1 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.058470][ T5952] Bluetooth: hci3: unexpected event for opcode 0x0428 [ 75.093913][ T6729] netdevsim netdevsim3 netdevsim0 (unregistering): unset [1, 0] type 2 family 0 port 6081 - 0 [ 75.150088][ T6729] netdevsim netdevsim3 eth0: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.155925][ T6729] netdevsim netdevsim3 eth1: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.160859][ T6729] netdevsim netdevsim3 eth2: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.165874][ T6729] netdevsim netdevsim3 eth3: set [1, 0] type 2 family 0 port 6081 - 0 [ 75.784454][ T1335] cfg80211: failed to load regulatory.db [ 75.827387][ T6743] program syz.3.166 is using a deprecated SCSI ioctl, please convert it to SG_IO [ 76.230531][ T1819] libceph: connect (1)[c::]:6789 error -101 [ 76.232887][ T1819] libceph: mon0 (1)[c::]:6789 connect error [ 76.320816][ T6759] ceph: No mds server is up or the cluster is laggy [ 76.773701][ T35] misc userio: Buffer overflowed, userio client isn't keeping up [ 76.833402][ T6773] vhci_hcd vhci_hcd.0: pdev(3) rhport(0) sockfd(5) [ 76.835413][ T6773] vhci_hcd vhci_hcd.0: devid(0) speed(4) speed_str(wireless) [ 76.838791][ T6773] vhci_hcd vhci_hcd.0: Device attached [ 77.063687][ T30] usb 5-1: device descriptor read/64, error -110 [ 77.328303][ T6777] syz.2.173 uses obsolete (PF_INET,SOCK_PACKET) [ 77.333747][ T30] usb 5-1: new full-speed USB device number 4 using dummy_hcd [ 77.365948][ T6777] trusted_key: syz.2.173 sent an empty control message without MSG_MORE. [ 77.368984][ T6774] vhci_hcd: connection closed [ 77.369823][ T1251] vhci_hcd: stop threads [ 77.372168][ T1251] vhci_hcd: release socket [ 77.373376][ T1251] vhci_hcd: disconnect device [ 77.459347][ T5952] Bluetooth: hci3: SCO packet for unknown connection handle 1955 [ 77.473703][ T30] usb 5-1: device descriptor read/64, error -32 [ 77.593793][ T30] usb usb5-port1: attempt power cycle [ 77.825223][ T35] input: PS/2 Generic Mouse as /devices/serio2/input/input8 [ 77.978749][ T30] usb 5-1: new full-speed USB device number 5 using dummy_hcd [ 77.994479][ T30] usb 5-1: device descriptor read/8, error -32 [ 78.033756][ T35] psmouse serio2: Failed to enable mouse on [ 78.105693][ T30] raw-gadget.1 gadget.0: failed to queue suspend event [ 78.134916][ T30] raw-gadget.1 gadget.0: failed to queue reset event [ 78.175229][ T6033] vhci_hcd: vhci_device speed not set [ 78.215865][ T30] raw-gadget.1 gadget.0: failed to queue resume event [ 78.234510][ T6796] bond0 (unregistering): (slave bond_slave_0): Releasing backup interface [ 78.249138][ T6796] bond0 (unregistering): (slave bond_slave_1): Releasing backup interface [ 78.261905][ T6796] bond0 (unregistering): Released all slaves [ 78.273804][ T30] usb 5-1: new full-speed USB device number 6 using dummy_hcd [ 78.304672][ C1] raw-gadget.1 gadget.0: ignoring, device is not running [ 78.306658][ T30] usb 5-1: device descriptor read/8, error -32 [ 78.423738][ T30] raw-gadget.1 gadget.0: failed to queue suspend event [ 78.425710][ T30] usb usb5-port1: unable to enumerate USB device [ 78.853444][ T6815] overlayfs: failed to resolve '/': -2 [ 78.973861][ T6818] raw_sendmsg: syz.1.184 forgot to set AF_INET. Fix it! [ 79.053864][ T6821] netlink: 4 bytes leftover after parsing attributes in process `syz.1.185'. [ 79.065096][ T5952] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 79.067364][ T5952] Bluetooth: hci3: Injecting HCI hardware error event [ 79.069907][ T5938] Bluetooth: hci3: hardware error 0x00 [ 79.164350][ T6825] netlink: 'syz.1.185': attribute type 4 has an invalid length. [ 79.171850][ T6825] netlink: 'syz.1.185': attribute type 4 has an invalid length. [ 79.176686][ T5952] Bluetooth: hci0: Malformed Event: 0x13 [ 80.253979][ T8] usb 7-1: new high-speed USB device number 3 using dummy_hcd [ 80.415634][ T8] usb 7-1: config index 0 descriptor too short (expected 23569, got 27) [ 80.417846][ T8] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 80.421519][ T8] usb 7-1: New USB device found, idVendor=03eb, idProduct=0002, bcdDevice=ba.c0 [ 80.424156][ T8] usb 7-1: New USB device strings: Mfr=5, Product=0, SerialNumber=0 [ 80.426261][ T8] usb 7-1: Manufacturer: syz [ 80.429711][ T8] usb 7-1: config 0 descriptor?? [ 80.434554][ T6642] raw-gadget.1 gadget.0: failed to queue disconnect event [ 80.483688][ T8] rc_core: IR keymap rc-hauppauge not found [ 80.485367][ T8] Registered IR keymap rc-empty [ 80.489074][ T8] rc rc0: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0 [ 80.493205][ T8] input: IgorPlug-USB IR Receiver as /devices/platform/dummy_hcd.2/usb7/7-1/7-1:0.0/rc/rc0/input9 [ 80.558925][ T6856] ======================================================= [ 80.558925][ T6856] WARNING: The mand mount option has been deprecated and [ 80.558925][ T6856] and is ignored by this kernel. Remove the mand [ 80.558925][ T6856] option from the mount to silence this warning. [ 80.558925][ T6856] ======================================================= [ 80.589264][ T6856] erofs (device erofs): cannot find valid erofs superblock [ 80.658232][ T6864] netlink: 44 bytes leftover after parsing attributes in process `syz.0.197'. [ 80.660690][ T6864] netlink: 59 bytes leftover after parsing attributes in process `syz.0.197'. [ 80.817914][ T1819] usb 7-1: USB disconnect, device number 3 [ 80.980156][ T6875] netlink: 8 bytes leftover after parsing attributes in process `syz.3.199'. [ 81.144996][ T5938] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 81.572594][ T6873] overlayfs: statfs failed on './file0' [ 81.615224][ T6883] loop6: detected capacity change from 0 to 524287999 [ 81.618561][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.620885][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.623328][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.625695][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.627842][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.630135][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.632224][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.635278][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.640808][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.643171][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.645343][ C3] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.648472][ C3] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.650897][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.653185][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.657314][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.659693][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.661596][ T6883] ldm_validate_partition_table(): Disk read failed. [ 81.663391][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.665690][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.667960][ C2] I/O error, dev loop6, sector 0 op 0x0:(READ) flags 0x0 phys_seg 1 prio class 0 [ 81.670174][ C2] Buffer I/O error on dev loop6, logical block 0, async page read [ 81.715095][ T6883] Dev loop6: unable to read RDB block 0 [ 81.717428][ T6883] loop6: unable to read partition table [ 81.719000][ T6883] loop_reread_partitions: partition scan of loop6 (3 xC) failed (rc=-5) [ 81.734445][ T5360] ldm_validate_partition_table(): Disk read failed. [ 81.736626][ T5360] Dev loop6: unable to read RDB block 0 [ 81.738642][ T5360] loop6: unable to read partition table [ 82.123724][ T1819] usb 5-1: new high-speed USB device number 7 using dummy_hcd [ 82.156291][ T6906] xt_cluster: node mask cannot exceed total number of nodes [ 82.413734][ T1819] usb 5-1: Using ep0 maxpacket: 8 [ 82.416574][ T1819] usb 5-1: config 0 has no interfaces? [ 82.418513][ T1819] usb 5-1: New USB device found, idVendor=ee8d, idProduct=db1a, bcdDevice=61.23 [ 82.421811][ T1819] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 82.426100][ T1819] usb 5-1: config 0 descriptor?? [ 82.631719][ T5944] usb 5-1: USB disconnect, device number 7 [ 82.720225][ T6927] misc userio: No port type given on /dev/userio [ 82.835335][ T6930] ALSA: seq fatal error: cannot create timer (-22) [ 83.320666][ T6946] input: syz0 as /devices/virtual/input/input11 [ 83.483768][ T5944] usb 5-1: new high-speed USB device number 8 using dummy_hcd [ 83.643779][ T5944] usb 5-1: Using ep0 maxpacket: 8 [ 83.646541][ T5944] usb 5-1: config 0 has no interfaces? [ 83.649577][ T5944] usb 5-1: New USB device found, idVendor=0525, idProduct=a4a1, bcdDevice= 0.40 [ 83.652030][ T5944] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 83.654387][ T5944] usb 5-1: Product: syz [ 83.655540][ T5944] usb 5-1: Manufacturer: syz [ 83.656820][ T5944] usb 5-1: SerialNumber: syz [ 83.659533][ T5944] usb 5-1: config 0 descriptor?? [ 83.907821][ T1819] usb 5-1: USB disconnect, device number 8 [ 84.207464][ T6962] netlink: 20 bytes leftover after parsing attributes in process `syz.1.224'. [ 84.528878][ T6988] input: syz0 as /devices/virtual/input/input12 [ 84.925481][ T7008] usb usb7: Requested nonsensical USBDEVFS_URB_SHORT_NOT_OK. [ 86.486079][ T7087] can0: slcan on ttyS3. [ 86.535918][ T7090] netlink: 4 bytes leftover after parsing attributes in process `syz.3.258'. [ 86.538757][ T7090] netlink: 12 bytes leftover after parsing attributes in process `syz.3.258'. [ 86.554620][ T7087] can0 (unregistered): slcan off ttyS3. [ 87.223434][ T7097] syz.3.259 (7097) used greatest stack depth: 20416 bytes left [ 87.773762][ T56] usb 7-1: new high-speed USB device number 4 using dummy_hcd [ 87.942296][ T7127] sch_tbf: burst 4398 is lower than device lo mtu (11337746) ! [ 87.949957][ T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 87.953025][ T56] usb 7-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 87.955867][ T56] usb 7-1: New USB device found, idVendor=1e7d, idProduct=2cf6, bcdDevice= 0.00 [ 87.959048][ T56] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 87.961830][ T56] usb 7-1: config 0 descriptor?? [ 88.567162][ T7144] openvswitch: netlink: Either Ethernet header or EtherType is required. [ 88.829066][ T56] usbhid 7-1:0.0: can't add hid device: -71 [ 88.833191][ T56] usbhid 7-1:0.0: probe with driver usbhid failed with error -71 [ 88.847553][ T56] usb 7-1: USB disconnect, device number 4 [ 89.050280][ T7157] netlink: 'syz.2.275': attribute type 1 has an invalid length. [ 89.053117][ T7157] netlink: 'syz.2.275': attribute type 2 has an invalid length. [ 89.110902][ T7163] overlayfs: failed to resolve './file0': -2 [ 89.202519][ T7167] mmap: syz.2.278 (7167) uses deprecated remap_file_pages() syscall. See Documentation/mm/remap_file_pages.rst. [ 89.681833][ T7223] xt_CONNSECMARK: only valid in 'mangle' or 'security' table, not 'syz0' [ 90.256699][ T7242] netlink: 'syz.2.293': attribute type 10 has an invalid length. [ 90.376661][ T7242] batman_adv: batadv0: Adding interface: team0 [ 90.378688][ T7242] batman_adv: batadv0: The MTU of interface team0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 90.384114][ T25] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 90.388099][ T7242] batman_adv: batadv0: Not using interface team0 (retrying later): interface not active [ 90.650843][ T7246] 9pnet_fd: Insufficient options for proto=fd [ 90.658972][ T7246] overlay: ./file0 is not a directory [ 90.742532][ T7257] batadv0: entered promiscuous mode [ 91.170464][ T7263] vhci_hcd vhci_hcd.0: pdev(0) rhport(0) sockfd(7) [ 91.172132][ T7263] vhci_hcd vhci_hcd.0: devid(0) speed(3) speed_str(high-speed) [ 91.174055][ T7263] vhci_hcd vhci_hcd.0: Device attached [ 91.434485][ T5944] usb 37-1: new high-speed USB device number 2 using vhci_hcd [ 91.593274][ T7291] netlink: 8 bytes leftover after parsing attributes in process `syz.1.302'. [ 91.624126][ T7269] vhci_hcd: connection reset by peer [ 91.627142][ T102] vhci_hcd: stop threads [ 91.630003][ T102] vhci_hcd: release socket [ 91.631524][ T102] vhci_hcd: disconnect device [ 91.749065][ T7297] overlayfs: fs on './file0' does not support file handles, falling back to index=off,nfs_export=off. [ 91.752695][ T7297] overlayfs: maximum fs stacking depth exceeded [ 92.243161][ T7303] netlink: 32 bytes leftover after parsing attributes in process `syz.0.309'. [ 93.044212][ T25] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 93.609998][ T7353] overlayfs: missing 'workdir' [ 96.573945][ T5944] vhci_hcd: vhci_device speed not set [ 103.504959][ T7400] A link change request failed with some changes committed already. Interface lo may have been left with an inconsistent configuration, please check. [ 104.267459][ T39] audit: type=1326 audit(1733674246.576:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7397 comm="syz.2.327" exe="/syz-executor" sig=31 arch=40000003 syscall=240 compat=1 ip=0xf73ce579 code=0x0 [ 104.475500][ T7425] syz.1.334[7425] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 104.475550][ T7425] syz.1.334[7425] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 104.478517][ T7425] syz.1.334[7425] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 104.837876][ T7447] syz.1.340[7447] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 104.840977][ T7447] syz.1.340[7447] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 104.844604][ T7447] syz.1.340[7447] is installing a program with bpf_probe_write_user helper that may corrupt user memory! [ 105.328819][ T7462] IPVS: Schedule: port zero only supported in persistent services, check your ipvs configuration [ 105.811906][ T7483] netlink: 'syz.2.348': attribute type 10 has an invalid length. [ 105.827426][ T7483] bond0: (slave netdevsim0): Enslaving as an active interface with an up link [ 106.110047][ T7507] netlink: 8 bytes leftover after parsing attributes in process `syz.0.355'. [ 106.617899][ T7514] tc_dump_action: action bad kind [ 106.756057][ T7519] netlink: 'syz.1.359': attribute type 10 has an invalid length. [ 106.758322][ T7519] netlink: 40 bytes leftover after parsing attributes in process `syz.1.359'. [ 106.760931][ T7519] team0: entered promiscuous mode [ 106.762442][ T7519] team_slave_0: entered promiscuous mode [ 106.764755][ T7519] team_slave_1: entered promiscuous mode [ 106.766810][ T7519] team0: entered allmulticast mode [ 106.768201][ T7519] team_slave_0: entered allmulticast mode [ 106.770021][ T7519] team_slave_1: entered allmulticast mode [ 106.773529][ T7519] bridge0: port 3(team0) entered blocking state [ 106.775552][ T7519] bridge0: port 3(team0) entered disabled state [ 106.778686][ T7519] bridge0: port 3(team0) entered blocking state [ 106.780564][ T7519] bridge0: port 3(team0) entered forwarding state [ 106.989883][ T7524] netlink: 'syz.0.361': attribute type 3 has an invalid length. [ 106.992851][ T7525] netlink: 4 bytes leftover after parsing attributes in process `syz.0.361'. [ 106.997389][ T7524] netlink: 4 bytes leftover after parsing attributes in process `syz.0.361'. [ 107.012413][ T7526] overlayfs: missing 'workdir' [ 107.895869][ T5938] Bluetooth: Unexpected continuation frame (len 35) [ 108.573291][ T7590] ax25_connect(): syz.0.379 uses autobind, please contact jreuter@yaina.de [ 108.614461][ T7583] ================================================================== [ 108.616586][ T7583] BUG: KASAN: vmalloc-out-of-bounds in push_insn_history+0x615/0x690 [ 108.618680][ T7583] Write of size 4 at addr ffffc90002d9e010 by task syz.1.377/7583 [ 108.621680][ T7583] [ 108.622567][ T7583] CPU: 2 UID: 0 PID: 7583 Comm: syz.1.377 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0 [ 108.625480][ T7583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 108.628202][ T7583] Call Trace: [ 108.629081][ T7583] [ 108.629858][ T7583] dump_stack_lvl+0x116/0x1f0 [ 108.631093][ T7583] print_report+0xc3/0x620 [ 108.632254][ T7583] ? __virt_addr_valid+0x5e/0x590 [ 108.633560][ T7583] kasan_report+0xd9/0x110 [ 108.634752][ T7583] ? push_insn_history+0x615/0x690 [ 108.636078][ T7583] ? push_insn_history+0x615/0x690 [ 108.637394][ T7583] push_insn_history+0x615/0x690 [ 108.638722][ T7583] do_check_common+0xb78/0xd540 [ 108.640004][ T7583] ? lockdep_hardirqs_on+0x7c/0x110 [ 108.641464][ T7583] ? __pfx_do_check_common+0x10/0x10 [ 108.642828][ T7583] ? kvfree+0x47/0x50 [ 108.643844][ T7583] ? check_cfg+0x403/0x840 [ 108.644979][ T7583] bpf_check+0x77c2/0xc9b0 [ 108.646126][ T7583] ? hlock_class+0x4e/0x130 [ 108.647287][ T7583] ? __pfx_bpf_check+0x10/0x10 [ 108.648537][ T7583] ? find_held_lock+0x2d/0x110 [ 108.649785][ T7583] ? bpf_prog_load+0xd45/0x2670 [ 108.651021][ T7583] ? __pfx_lock_release+0x10/0x10 [ 108.652294][ T7583] ? trace_lock_acquire+0x14e/0x1f0 [ 108.653594][ T7583] ? bpf_prog_load+0xd45/0x2670 [ 108.654786][ T7583] ? lockdep_hardirqs_on+0x7c/0x110 [ 108.656029][ T7583] ? read_tsc+0x9/0x20 [ 108.657058][ T7583] ? ktime_get_with_offset+0x20f/0x3a0 [ 108.658429][ T7583] ? bpf_obj_name_cpy+0x156/0x1b0 [ 108.659725][ T7583] bpf_prog_load+0xe3f/0x2670 [ 108.659935][ T7592] netlink: 8 bytes leftover after parsing attributes in process `syz.3.380'. [ 108.660938][ T7583] ? __pfx_bpf_prog_load+0x10/0x10 [ 108.663261][ T7592] netlink: 12 bytes leftover after parsing attributes in process `syz.3.380'. [ 108.664585][ T7583] ? find_held_lock+0x2d/0x110 [ 108.664602][ T7583] ? __might_fault+0x13b/0x190 [ 108.664619][ T7583] ? __might_fault+0xe3/0x190 [ 108.664635][ T7583] __sys_bpf+0x5677/0x57a0 [ 108.664645][ T7583] ? __pfx___sys_bpf+0x10/0x10 [ 108.664656][ T7583] ? do_futex+0x123/0x350 [ 108.664669][ T7583] ? __pfx_do_futex+0x10/0x10 [ 108.664685][ T7583] ? xfd_validate_state+0x5d/0x180 [ 108.664700][ T7583] ? rcu_is_watching+0x12/0xc0 [ 108.664713][ T7583] __ia32_sys_bpf+0x76/0xe0 [ 108.664723][ T7583] __do_fast_syscall_32+0x73/0x120 [ 108.664736][ T7583] do_fast_syscall_32+0x32/0x80 [ 108.664749][ T7583] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 108.664764][ T7583] RIP: 0023:0xf7f96579 [ 108.664773][ T7583] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 108.664782][ T7583] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 108.664793][ T7583] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200017c0 [ 108.664800][ T7583] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 108.664806][ T7583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 108.664812][ T7583] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 108.664817][ T7583] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 108.664826][ T7583] [ 108.664830][ T7583] [ 108.671139][ T7592] netlink: 'syz.3.380': attribute type 20 has an invalid length. [ 108.671955][ T7583] The buggy address belongs to the virtual mapping at [ 108.671955][ T7583] [ffffc90002d7e000, ffffc90002da0000) created by: [ 108.671955][ T7583] kvrealloc_noprof+0xfc/0x150 [ 108.698896][ T7599] netlink: 10 bytes leftover after parsing attributes in process `syz.0.382'. [ 108.701078][ T7583] [ 108.701085][ T7583] The buggy address belongs to the physical page: [ 108.718172][ T7583] page: refcount:1 mapcount:0 mapping:0000000000000000 index:0x524 pfn:0x71c01 [ 108.721255][ T7583] flags: 0x4fff00000000000(node=1|zone=1|lastcpupid=0x7ff) [ 108.723800][ T7583] raw: 04fff00000000000 0000000000000000 dead000000000122 0000000000000000 [ 108.726251][ T7583] raw: 0000000000000524 0000000000000000 00000001ffffffff 0000000000000000 [ 108.728436][ T7583] page dumped because: kasan: bad access detected [ 108.730068][ T7583] page_owner tracks the page as allocated [ 108.731509][ T7583] page last allocated via order 0, migratetype Unmovable, gfp_mask 0x102cc2(GFP_HIGHUSER|__GFP_NOWARN), pid 7583, tgid 7582 (syz.1.377), ts 108614379645, free_ts 108351570380 [ 108.735824][ T7583] post_alloc_hook+0x2d1/0x350 [ 108.737157][ T7583] get_page_from_freelist+0xfce/0x2f80 [ 108.739122][ T7583] __alloc_pages_noprof+0x6a6/0x25b0 [ 108.741010][ T7583] alloc_pages_mpol_noprof+0x2c9/0x610 [ 108.742895][ T7583] __vmalloc_node_range_noprof+0x724/0x1530 [ 108.744424][ T7583] __kvmalloc_node_noprof+0x14f/0x1a0 [ 108.745786][ T7583] kvrealloc_noprof+0xfc/0x150 [ 108.747015][ T7583] push_insn_history+0x2ac/0x690 [ 108.748289][ T7583] do_check_common+0xb78/0xd540 [ 108.749552][ T7583] bpf_check+0x77c2/0xc9b0 [ 108.750711][ T7583] bpf_prog_load+0xe3f/0x2670 [ 108.751889][ T7583] __sys_bpf+0x5677/0x57a0 [ 108.753022][ T7583] __ia32_sys_bpf+0x76/0xe0 [ 108.754192][ T7583] __do_fast_syscall_32+0x73/0x120 [ 108.755502][ T7583] do_fast_syscall_32+0x32/0x80 [ 108.756751][ T7583] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 108.758371][ T7583] page last free pid 7566 tgid 7565 stack trace: [ 108.759980][ T7583] free_unref_folios+0xa7b/0x14f0 [ 108.761253][ T7583] folios_put_refs+0x587/0x7b0 [ 108.762503][ T7583] shmem_undo_range+0x586/0x1170 [ 108.763768][ T7583] shmem_evict_inode+0x3a3/0xba0 [ 108.765032][ T7583] evict+0x409/0x960 [ 108.766049][ T7583] iput+0x52a/0x890 [ 108.767038][ T7583] dentry_unlink_inode+0x29c/0x480 [ 108.768354][ T7583] __dentry_kill+0x1d0/0x600 [ 108.769672][ T7583] dput.part.0+0x4b1/0x9b0 [ 108.770833][ T7583] dput+0x1f/0x30 [ 108.771784][ T7583] __fput+0x515/0xb60 [ 108.772874][ T7583] task_work_run+0x14e/0x250 [ 108.774092][ T7583] syscall_exit_to_user_mode+0x27b/0x2a0 [ 108.775561][ T7583] __do_fast_syscall_32+0x80/0x120 [ 108.776939][ T7583] do_fast_syscall_32+0x32/0x80 [ 108.778382][ T7583] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 108.780023][ T7583] [ 108.780646][ T7583] Memory state around the buggy address: [ 108.782101][ T7583] ffffc90002d9df00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 108.784159][ T7583] ffffc90002d9df80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [ 108.786240][ T7583] >ffffc90002d9e000: 00 00 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 108.788563][ T7583] ^ [ 108.789753][ T7583] ffffc90002d9e080: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 108.791811][ T7583] ffffc90002d9e100: f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 f8 [ 108.793841][ T7583] ================================================================== [ 108.801540][ T7583] Kernel panic - not syncing: KASAN: panic_on_warn set ... [ 108.803433][ T7583] CPU: 2 UID: 0 PID: 7583 Comm: syz.1.377 Not tainted 6.13.0-rc1-syzkaller-00337-g7503345ac5f5 #0 [ 108.806136][ T7583] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 108.809642][ T7583] Call Trace: [ 108.810871][ T7583] [ 108.811951][ T7583] dump_stack_lvl+0x3d/0x1f0 [ 108.813297][ T7583] panic+0x71d/0x800 [ 108.814329][ T7583] ? __pfx_panic+0x10/0x10 [ 108.815488][ T7583] ? preempt_schedule_thunk+0x1a/0x30 [ 108.816885][ T7583] ? preempt_schedule_common+0x44/0xc0 [ 108.818308][ T7583] check_panic_on_warn+0xab/0xb0 [ 108.819602][ T7583] end_report+0x117/0x180 [ 108.820727][ T7583] kasan_report+0xe9/0x110 [ 108.821887][ T7583] ? push_insn_history+0x615/0x690 [ 108.823342][ T7583] ? push_insn_history+0x615/0x690 [ 108.824748][ T7583] push_insn_history+0x615/0x690 [ 108.826042][ T7583] do_check_common+0xb78/0xd540 [ 108.827350][ T7583] ? lockdep_hardirqs_on+0x7c/0x110 [ 108.829252][ T7583] ? __pfx_do_check_common+0x10/0x10 [ 108.831198][ T7583] ? kvfree+0x47/0x50 [ 108.832614][ T7583] ? check_cfg+0x403/0x840 [ 108.833778][ T7583] bpf_check+0x77c2/0xc9b0 [ 108.834971][ T7583] ? hlock_class+0x4e/0x130 [ 108.836161][ T7583] ? __pfx_bpf_check+0x10/0x10 [ 108.837403][ T7583] ? find_held_lock+0x2d/0x110 [ 108.838665][ T7583] ? bpf_prog_load+0xd45/0x2670 [ 108.839919][ T7583] ? __pfx_lock_release+0x10/0x10 [ 108.841242][ T7583] ? trace_lock_acquire+0x14e/0x1f0 [ 108.842598][ T7583] ? bpf_prog_load+0xd45/0x2670 [ 108.843852][ T7583] ? lockdep_hardirqs_on+0x7c/0x110 [ 108.845299][ T7583] ? read_tsc+0x9/0x20 [ 108.846372][ T7583] ? ktime_get_with_offset+0x20f/0x3a0 [ 108.848174][ T7583] ? bpf_obj_name_cpy+0x156/0x1b0 [ 108.850032][ T7583] bpf_prog_load+0xe3f/0x2670 [ 108.851748][ T7583] ? __pfx_bpf_prog_load+0x10/0x10 [ 108.853600][ T7583] ? find_held_lock+0x2d/0x110 [ 108.854983][ T7583] ? __might_fault+0x13b/0x190 [ 108.856219][ T7583] ? __might_fault+0xe3/0x190 [ 108.857443][ T7583] __sys_bpf+0x5677/0x57a0 [ 108.858601][ T7583] ? __pfx___sys_bpf+0x10/0x10 [ 108.859837][ T7583] ? do_futex+0x123/0x350 [ 108.860968][ T7583] ? __pfx_do_futex+0x10/0x10 [ 108.862203][ T7583] ? xfd_validate_state+0x5d/0x180 [ 108.863520][ T7583] ? rcu_is_watching+0x12/0xc0 [ 108.864760][ T7583] __ia32_sys_bpf+0x76/0xe0 [ 108.865934][ T7583] __do_fast_syscall_32+0x73/0x120 [ 108.867271][ T7583] do_fast_syscall_32+0x32/0x80 [ 108.868542][ T7583] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 108.870171][ T7583] RIP: 0023:0xf7f96579 [ 108.871218][ T7583] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 108.876130][ T7583] RSP: 002b:00000000f511657c EFLAGS: 00000292 ORIG_RAX: 0000000000000165 [ 108.878275][ T7583] RAX: ffffffffffffffda RBX: 0000000000000005 RCX: 00000000200017c0 [ 108.880301][ T7583] RDX: 0000000000000048 RSI: 0000000000000000 RDI: 0000000000000000 [ 108.882322][ T7583] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 108.884351][ T7583] R10: 0000000000000000 R11: 0000000000000296 R12: 0000000000000000 [ 108.886381][ T7583] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 108.888403][ T7583] [ 108.889669][ T7583] Kernel Offset: disabled [ 108.890794][ T7583] Rebooting in 86400 seconds.. VM DIAGNOSIS: 16:10:51 Registers: info registers vcpu 0 CPU#0 RAX=0000000080000000 RBX=0000000000000000 RCX=0000000000000002 RDX=0000000000000000 RSI=ffffffff8b4cd3a0 RDI=ffffffff8bb13800 RBP=0000000000000246 RSP=ffffc9000212f020 R8 =0000000000000000 R9 =0000000000000000 R10=ffffffff901cbd17 R11=0000000000000b8f R12=0000000000000000 R13=ffffffff8ddba940 R14=0000000000000000 R15=0000000000000000 RIP=ffffffff8b1af03d RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=0000000000000000 CR3=000000004e8a0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=ffffffff969ce070 RBX=ffff888024fbd360 RCX=1ffffffff2d39c1a RDX=dffffc0000000000 RSI=0000000000000008 RDI=ffffffff969ce0d0 RBP=ffffc9000d41f7d8 RSP=ffffc9000d41f6a0 R8 =0000000000000000 R9 =fffffbfff2d36f9f R10=ffffffff969b7cff R11=0000000000000000 R12=ffff888024fbc880 R13=0000000000000080 R14=0000000000000007 R15=1ffff92001a83eda RIP=ffffffff8175e5ee RFL=00000046 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b500000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7366f44 CR3=000000006c654000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000008 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 000000f800000000 0000000400000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=000000000000005b RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85153995 RDI=ffffffff9a6682c0 RBP=ffffffff9a668280 RSP=ffffc90020d46ff8 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000038353754 R12=0000000000000000 R13=000000000000005b R14=ffffffff85153930 R15=0000000000000000 RIP=ffffffff851539bf RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f5085548 CR3=000000006af6c000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=fffffbfff20397a2 RBX=fffffbfff20397a3 RCX=ffffffff81e1db9b RDX=fffffbfff20397a3 RSI=0000000000000008 RDI=ffffffff901cbd10 RBP=fffffbfff20397a2 RSP=ffffc90003fe76d8 R8 =0000000000000000 R9 =fffffbfff20397a2 R10=ffffffff901cbd17 R11=0000000000000005 R12=ffff888028ea3a80 R13=ffff888028ea3f50 R14=dffffc0000000000 R15=dffffc0000000000 RIP=ffffffff81fbf091 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b700000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00000067 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f7f555b8 CR3=00000000631f0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000