last executing test programs: 2.893453703s ago: executing program 1 (id=2): r0 = bpf$MAP_CREATE(0x0, &(0x7f00000002c0)=ANY=[@ANYBLOB="0b00000007000000010001000900000001"], 0x48) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f0000000080)={r0, &(0x7f0000000080), &(0x7f0000000300)=""/180}, 0x20) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b70800000d0000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000280)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000340)={&(0x7f0000000400)='virtio_transport_alloc_pkt\x00', r1}, 0x18) r2 = socket$vsock_stream(0x28, 0x1, 0x0) connect$vsock_stream(r2, &(0x7f0000000140)={0x28, 0x0, 0x0, @host}, 0x10) 2.885729476s ago: executing program 3 (id=4): r0 = openat$vhost_vsock(0xffffffffffffff9c, &(0x7f0000000100), 0x2, 0x0) ioctl$VHOST_SET_OWNER(r0, 0xaf01, 0x0) r1 = socket$inet6(0xa, 0x1, 0x0) setsockopt$inet6_int(r1, 0x29, 0xb, 0x0, 0x0) sendto$inet6(r1, 0x0, 0x0, 0xfffffefffbfbbfbe, &(0x7f0000000100)={0xa, 0x4e20, 0x0, @empty, 0x6}, 0x1c) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000300)={0x1, 0x0, 0x0, &(0x7f0000001500)=""/94, 0x0, 0xf000}) ioctl$VHOST_SET_MEM_TABLE(r0, 0x4008af03, &(0x7f00000016c0)) r2 = eventfd2(0x1, 0x1) r3 = creat(0x0, 0x1) ioctl$VHOST_SET_VRING_BASE(r3, 0x4008af12, &(0x7f0000000080)) ioctl$VHOST_SET_VRING_ERR(r0, 0x4008af22, &(0x7f00000001c0)={0x0, r2}) ioctl$VHOST_SET_VRING_ADDR(r0, 0x4028af11, &(0x7f0000000240)={0x0, 0x0, 0x0, &(0x7f0000001d00)=""/176, 0x0, 0xffff1000}) ioctl$VHOST_SET_VRING_KICK(r0, 0x4008af20, &(0x7f0000000000)={0x0, r2}) ioctl$VHOST_VSOCK_SET_RUNNING(0xffffffffffffffff, 0x4004af61, 0x0) ioctl$VHOST_VSOCK_SET_RUNNING(r0, 0x4004af61, &(0x7f00000000c0)=0x1) mmap(&(0x7f0000000000/0xe7e000)=nil, 0xe7e000, 0xfffffffffffffffe, 0x4031, 0xffffffffffffffff, 0x0) madvise(&(0x7f00000ec000/0x800000)=nil, 0x800000, 0x17) madvise(&(0x7f0000000000/0x600000)=nil, 0x60000b, 0x9) syz_open_dev$tty1(0xc, 0x4, 0x1) mprotect(&(0x7f0000000000/0x4000)=nil, 0x4000, 0x1) socket$inet(0x2, 0x2, 0x0) 2.801749902s ago: executing program 1 (id=5): timer_create(0x2, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) r1 = memfd_create(&(0x7f0000000400)='\xa3\x9fn\xb4dR\x04i5\x02\xac\xce\xe1\x88\x9d[@8\xd7\xce\x1f 9I\x7f\x15\x1d\x93=\xb5\xe7\\\'L\xe6\xd2\x8e\xbc)JtTDq\x81\xcf\x81\xba\xe51\xf5 \xc8\x10>\xc9\\\x85\x17L\xbf\xcf\x91\xdfM\xf3\x02^T*\x00\x02\xb9~B\x9f\xacl\x1d3\x06o\xf8\x16H\xaa*\x02\xf7\xfb\x06\xf1\x83\x92\xa8\xc2\xcb\xae\xb0\xb4\x93\xb8\x04\xf1\x99\xc2yY+\xd9y\x8a\xd5b\xe8\"q\x1b0)\xccm\xacz\xc1\xadd\x9b6a\xf3\xdds\xbb\x88\xff\b\x85\xb3s\x00\x0e\xbcfvi\x85\xfc.|\xd4h\xec\x82o\x8e\x93\x11\xc1\xd4\xae\x05\x17=\xd9R\xd0\xd4\x90\xcf\x9b\xdc\xaeV\x88\x94\x9f\xe3\xefqi\xed\xa8w\xbe\xd0\xd0-tBl\x9e+\xd3\xed\xce\x9f\x83\x86\xf9\x12\x16Ts\x80\x13]C\xfb`\xc2`\xf7\x1a\x00\x00\x00\x00\x00\x00\x00k\xae\xcb\x1a.\xc2\x8f\xd1x4]PZ\x9e\xd5Y\xf0L\xa4\xbc\x84\xf6\x04L\xff0\x8b\\*\xf9,\xb6\r\x97\xedy\xe0\x8a\xe2\x8ck\xc6S\xc3g\xb9\x1a\xf8\x8f \x9d\x00u7\xd8\'\xf1E\xa4(Q\x80Fy\xb5\xe4q\xc9\xff \xd8\x9d\xad\x11\xf8m\xd3\xbc\x9e\x10D\x7f!\xca\x0ev\x15h$\x01\xdd\xe5\xce\xf8*\xb3\x01\x85\a\xe4qv&\x9c\xac\x9aN~o\xe5\x89\xd5\a\x9f\f\x1f\xc2e/\x8d\x1e\n\xd0_\xbd!^\xa46\xb8j\xc0x\n\xdb\xe1\xa3\xd6\xae;\r\x92@\xa5I\x88Z1F\xf0\x1at\t\xd0\x8a\x04m\x06\xf3BL\xffS\x9eY\xf4\xb0U \xf8\xd00\x88y\xebX\x92\xd5\xbb\xa1h7\xf3\xe0\x0f\xbd\x02\xe4%\xf9\xb1\x87\x8aM\xfeG\xb2L\xbd\x92-\xcd\x1f\xf4\xe1,\xb7G|\xec\"\xa2\xab\xf6\x84\xe0\xcf1\x9a', 0x1) execveat(r1, &(0x7f0000000000)='\x00', 0x0, 0x0, 0x1000) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, 0x0, 0x0) socket$nl_netfilter(0x10, 0x3, 0xc) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={0x0, r4}, 0x18) ppoll(&(0x7f0000000000), 0x0, &(0x7f0000000040)={0x0, 0x989680}, 0x0, 0x0) r5 = socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000700)={0x0, 0x10, &(0x7f0000000580)=ANY=[@ANYBLOB="18050000000000000000000000000000b7080000000000007b8af8ff00000000b7080000000000007b8af0ff00000000bfa100000000000007010000f8ffffffbfa4000000", @ANYRES32, @ANYBLOB="0000000000000000b704000001000000850000007800000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x14, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000007c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x11, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) sendmsg$nl_route_sched(r5, &(0x7f00000037c0)={0x0, 0x0, &(0x7f0000003780)={&(0x7f0000001840)=@newtaction={0x894, 0x30, 0x12f, 0x0, 0x0, {}, [{0x880, 0x1, [@m_police={0x87c, 0x1, 0x0, 0x0, {{0xb}, {0x850, 0x2, 0x0, 0x1, [[@TCA_POLICE_TBF={0x3c, 0x1, {0x0, 0x0, 0x0, 0x0, 0x0, {0x7, 0x0, 0x0, 0x0, 0x0, 0x7}, {0x7, 0x0, 0x200, 0x0, 0x0, 0x7}}}], [@TCA_POLICE_PEAKRATE={0x404, 0x3, [0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0xe0e, 0x0, 0x80000000, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10000000, 0x20000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80000001, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x3, 0x0, 0x80, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0xb, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x2000009, 0x0, 0x0, 0x0, 0xffffff35, 0x0, 0x0, 0x4, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000000, 0x0, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0xfffffffd, 0x0, 0xdd82, 0x0, 0x0, 0xfffffffb, 0x0, 0x101, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x400, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x80, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x3, 0x0, 0x5, 0x0, 0x0, 0x3, 0x0, 0x1]}], [@TCA_POLICE_RESULT={0x8, 0x5, 0x9}, @TCA_POLICE_RATE={0x404, 0x2, [0x7, 0x6, 0xffffffff, 0x7f, 0x401, 0x2, 0xfffffffd, 0x2, 0x80000000, 0x4, 0x5, 0x8, 0x0, 0x7fff, 0x75ba, 0x7fffffff, 0x5, 0xffffffff, 0x7ff, 0x2, 0x9, 0x2, 0x0, 0x1000, 0x1, 0x3, 0x6, 0x0, 0xfa, 0x4, 0x0, 0xf, 0x80000001, 0x7, 0xfffffffb, 0x1, 0x20, 0x5, 0xc, 0x1, 0x2f2, 0x7fff, 0x0, 0x81, 0x206, 0x1ff, 0x7, 0x3, 0x5, 0x3, 0x9, 0x1000, 0x401, 0x1, 0x6, 0x7, 0x2, 0x4, 0x7f, 0x10000005, 0xfffffffb, 0x1, 0x2, 0x5, 0x8, 0x2000009, 0x9, 0x10, 0x9, 0x7, 0xffffff00, 0x97, 0x0, 0x4, 0x8, 0x8, 0x1, 0x958, 0x1fe, 0x4, 0x6, 0x7, 0x80, 0x5, 0xe53, 0x0, 0xfffffffe, 0x4, 0x8, 0x9, 0x7fff, 0x30, 0x8, 0xfffffff7, 0x4, 0x9, 0x1, 0x800, 0x7, 0x9, 0x5, 0x7, 0x6, 0x0, 0x5, 0x2, 0x7, 0x3, 0xcdd, 0xfffffff9, 0xd67, 0x7, 0x4, 0x25, 0x9dc5, 0x7, 0xfffffff7, 0x2, 0x400, 0x8, 0x0, 0x7, 0x5, 0x9, 0xa, 0xa, 0x9, 0x5, 0xdb5, 0x101, 0x4, 0x74e4, 0x7fff, 0x9, 0x7ff, 0x1, 0xd70, 0x1, 0x7fffffff, 0xa, 0x7, 0x1, 0x4082, 0x52e, 0x7, 0x1, 0x5, 0x26, 0x1, 0x3b2a, 0x81, 0x9, 0x1c, 0x767, 0x7, 0x9, 0x10, 0xc2a, 0xff, 0x0, 0x6, 0x7, 0x3, 0xfffffff4, 0x8, 0x3, 0xfff, 0x8, 0x5, 0x5, 0x6, 0x3, 0xd7c3, 0x2, 0x10000, 0x7fff, 0x5, 0x5, 0x0, 0xfffffff7, 0x7, 0x2, 0x0, 0x6ee1847d, 0x10001, 0x7ff, 0x1, 0xf0, 0x7, 0x2, 0x7, 0x4, 0x6, 0x4, 0x7, 0x2, 0x0, 0x1, 0x4, 0x3, 0xfff, 0x80000001, 0x0, 0x676, 0x3, 0x9, 0x2, 0x4, 0x0, 0x4a5, 0x23, 0x4, 0xb, 0x8, 0x0, 0x8000, 0xa, 0x9, 0xca000000, 0x2, 0xfffffffa, 0x3, 0x1ff, 0x9, 0x7, 0x65fe, 0x9, 0x6, 0x2004, 0x80000000, 0x5, 0x801, 0xb848, 0x6, 0x6, 0x800, 0x7, 0x1, 0xb, 0x80, 0x2, 0x3, 0x6, 0x9, 0x4, 0x4, 0xc, 0x80000001, 0x5, 0x5, 0x10000000, 0xb, 0x7, 0x5, 0x2, 0x4]}]]}, {0x4}, {0xc, 0xb}, {0xc, 0xa}}}]}]}, 0x894}}, 0x0) 2.744865203s ago: executing program 0 (id=1): socketpair$unix(0x1, 0x3, 0x0, &(0x7f0000000080)={0xffffffffffffffff}) r1 = socket$packet(0x11, 0x3, 0x300) fsetxattr(r1, &(0x7f0000000000)=@known='system.posix_acl_access\x00', 0x0, 0x0, 0x1) prctl$PR_SCHED_CORE(0x3e, 0x1, 0x0, 0x2, 0x0) mremap(&(0x7f0000cf2000/0x2000)=nil, 0x2000, 0x800000, 0x3, &(0x7f0000130000/0x800000)=nil) socket$nl_generic(0x10, 0x3, 0x10) r2 = socket$packet(0x11, 0x3, 0x300) ioctl$sock_SIOCGIFINDEX(r0, 0x8933, &(0x7f00000000c0)={'veth1_macvtap\x00', 0x0}) r4 = socket$nl_route(0x10, 0x3, 0x0) setsockopt$packet_add_memb(r2, 0x107, 0x1, &(0x7f0000000040)={r3, 0x1, 0x6, @local}, 0x10) sendmsg$nl_route_sched(r4, &(0x7f00000003c0)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000280)=@getchain={0x24, 0x11, 0x839, 0x70bd2d, 0x25dfdbff, {0x0, 0x0, 0x0, r3, {0xfff2}, {0xfff3, 0x8}}}, 0x24}}, 0x20040000) 2.441954766s ago: executing program 3 (id=6): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) r1 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="0b00000005000000050000000920000001"], 0x48) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32, @ANYBLOB="0000000000000000b7080000000000107b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b70400000000925e850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, @fallback=0x4, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000800000000000000000000018110000", @ANYRES32=r1], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000200)={'rose0\x00', 0x112}) r2 = bpf$PROG_LOAD(0x5, &(0x7f0000000740)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000001c0)={&(0x7f0000000200)='qdisc_reset\x00', r2}, 0x10) r3 = openat$tun(0xffffffffffffff9c, &(0x7f0000000000), 0x0, 0x0) ioctl$TUNSETIFF(r3, 0x400454ca, &(0x7f0000000180)={'rose0\x00', 0x112}) ioctl$TUNSETQUEUE(r3, 0x400454d9, &(0x7f0000000100)={'vlan0\x00', 0x400}) 2.310718483s ago: executing program 3 (id=7): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000000540)=ANY=[@ANYBLOB="05000000030000008400000010"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x0, 0x20000000000000fe, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f00000002c0)={{r0}, &(0x7f00000001c0), &(0x7f0000000200)=r1}, 0x20) r2 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r2}, 0x10) r3 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r3, &(0x7f0000000280)={0x0, 0x74000000, &(0x7f0000000000)={&(0x7f0000000040)=ANY=[@ANYBLOB="4c00000010004b0400f4ed00000000007a000000", @ANYRES32=0x0, @ANYBLOB="00000000000000002c0012800b00010062726964676500001c00028008000400000000000600060000000000060009"], 0x4c}}, 0x0) 2.052324276s ago: executing program 3 (id=8): r0 = openat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x401c2, 0x0) ftruncate(r0, 0x8800000) r1 = openat$uinput(0xffffffffffffff9c, &(0x7f00000000c0), 0x2, 0x0) write$uinput_user_dev(r1, &(0x7f0000000100)={'syz0\x00', {}, 0x0, [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x1ff, 0x0, 0x0, 0x0, 0x40, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10001, 0x0, 0x0, 0x0, 0x0, 0x82, 0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x40000, 0x0, 0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4], [0x0, 0x0, 0x0, 0x0, 0x10000000, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x5, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x4afa], [0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0xc7, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2, 0x2, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x9, 0x0, 0x0, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x0, 0x2]}, 0x45c) ioctl$UI_DEV_CREATE(r1, 0x5501) r2 = gettid() timer_create(0x0, &(0x7f0000001640)={0x0, 0x21, 0x800000000004, @tid=r2}, &(0x7f0000bbdffc)) readv(r1, &(0x7f00000018c0)=[{&(0x7f0000001700)=""/221, 0xdd}], 0x1) timer_settime(0x0, 0x0, &(0x7f0000000340)={{0x0, 0x989680}, {0x0, 0x989680}}, 0x0) socketpair$nbd(0x1, 0x1, 0x0, &(0x7f0000000100)={0xffffffffffffffff, 0xffffffffffffffff}) recvmmsg(r4, &(0x7f00000034c0)=[{{0x0, 0x0, &(0x7f0000001e40)=[{&(0x7f0000000b80)=""/4096, 0x1000}], 0x1}}], 0x1, 0x700, 0x0) sendfile(r3, r0, 0x0, 0x100000000) sched_setaffinity(0x0, 0x0, 0x0) bpf$PROG_LOAD_XDP(0x5, 0x0, 0x0) 1.870919832s ago: executing program 1 (id=9): madvise(&(0x7f0000a93000/0x4000)=nil, 0x4000, 0x80000000e) r0 = seccomp$SECCOMP_SET_MODE_FILTER_LISTENER(0x1, 0x8, 0x0) ioctl$SECCOMP_IOCTL_NOTIF_SEND(r0, 0xc0182101, 0x0) openat$ptmx(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xb, &(0x7f0000000640)=ANY=[@ANYBLOB="18060000000000000000000000000000180100002020702500000000002020207b1af8ff00000000bfa100000000000007010000f8ffffffb702000003000000b703000000000000850000007300000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000002c0)={&(0x7f0000000080)='sched_switch\x00', r4}, 0x10) sendmsg$TIPC_CMD_SHOW_LINK_STATS(0xffffffffffffffff, 0x0, 0x8840) bpf$PROG_LOAD(0x5, 0x0, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=@base={0xb, 0x5, 0x400, 0x9, 0x1, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) bpf$PROG_LOAD(0x5, &(0x7f0000000340)={0x8, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @cgroup_skb, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r6 = syz_open_dev$usbfs(&(0x7f0000000180), 0x205, 0x2581) r7 = fcntl$dupfd(r6, 0x0, r6) ioctl$USBDEVFS_SUBMITURB(r7, 0x8038550a, &(0x7f0000000000)=@urb_type_control={0x2, {}, 0x0, 0x0, &(0x7f0000000080)={0x80, 0x0, 0x0, 0x0, 0x7995}, 0xfff7, 0x0, 0x0, 0x48000000, 0x0, 0x0, 0x0}) recvfrom$inet6(r7, &(0x7f0000000240)=""/85, 0x55, 0x10023, &(0x7f0000000000)={0xa, 0x4e23, 0x400, @private2, 0x9}, 0x1c) bpf$MAP_GET_NEXT_KEY(0x2, &(0x7f00000004c0)={r5, &(0x7f0000000340), &(0x7f00000005c0)=""/155}, 0x20) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f00000006c0)={&(0x7f0000000600)='sys_enter\x00'}, 0x10) setrlimit(0x40000000000008, &(0x7f0000000300)) unshare(0x64000600) 1.800835224s ago: executing program 2 (id=11): socket$packet(0x11, 0x3, 0x300) r0 = socket$inet_udp(0x2, 0x2, 0x0) bind$inet(r0, &(0x7f0000000040)={0x2, 0x4e20, @empty}, 0x10) setsockopt$inet_udp_encap(r0, 0x11, 0x64, &(0x7f0000000000)=0x2, 0x4) syz_emit_ethernet(0x86, &(0x7f0000000440)={@local, @empty, @void, {@ipv4={0x800, @udp={{0x5, 0x4, 0x0, 0x0, 0x78, 0x0, 0x0, 0x0, 0x11, 0x0, @empty, @broadcast}, {0x0, 0x4e20, 0x64, 0x0, @wg=@response={0x2, 0x4, 0x0, "017cea08e90a62168facaecca577cb43f478fd5e6e5d4fb33ecffe357eac8a8e", "66d379b886319c62896eb4629b6baae1", {"a41819bdef458b3c84740f618752a2e5", "396954ec098e6a74ec194039740c8a59"}}}}}}}, 0x0) 1.721581449s ago: executing program 2 (id=12): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f0000000180)=ANY=[@ANYBLOB="1b00000000000000000000000080"], 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r3, @ANYBLOB="0000000000000000b702000002000000850000008600000095"], &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x0, '\x00', 0x0, @fallback=0x36, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) ioperm(0x9, 0x3ff, 0xff) bpf$BPF_BTF_LOAD(0x12, &(0x7f00000003c0)={&(0x7f00000005c0)={{0xeb9f, 0x1, 0x0, 0x18, 0x0, 0xc, 0xc, 0x2, [@func_proto]}}, &(0x7f0000000740)=""/230, 0x26, 0xe6, 0x1, 0x0, 0x0, @void, @value}, 0x28) 1.223747489s ago: executing program 3 (id=13): bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=@base={0xd, 0x4, 0xfff, 0x7, 0x21059, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x4, 0x0, 0x3, 0x0, @void, @value, @void, @value}, 0x50) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f0000000180)={0x1, &(0x7f0000000040)=[{0x200000000006, 0x0, 0x0, 0x7ffc0002}]}) socketpair$tipc(0x1e, 0x2, 0x0, &(0x7f0000000180)={0xffffffffffffffff, 0xffffffffffffffff}) r1 = dup(r0) syz_emit_ethernet(0x0, 0x0, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f0000000080)='sched_switch\x00', r5}, 0x10) openat$tun(0xffffffffffffff9c, 0x0, 0x0, 0x0) r6 = open(&(0x7f0000000140)='./file1\x00', 0x109cc2, 0x40) ftruncate(r6, 0x200004) sendfile(r1, r6, 0x0, 0x80001d00c0d1) 1.203379549s ago: executing program 0 (id=14): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = syz_clone(0x80842111, 0x0, 0x0, 0x0, 0x0, 0x0) bpf$ENABLE_STATS(0x20, 0x0, 0x0) capset(&(0x7f00000000c0)={0x20080522}, &(0x7f0000000080)={0x0, 0x0, 0x80000000}) kcmp(r3, r3, 0x3, 0xffffffffffffffff, 0xffffffffffffffff) 920.827395ms ago: executing program 1 (id=15): bpf$MAP_CREATE(0x0, &(0x7f0000000640)=ANY=[], 0x48) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file0\x00', 0x0) prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) bind$802154_raw(0xffffffffffffffff, 0x0, 0x0) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x11, 0x5, &(0x7f00000002c0)=ANY=[@ANYBLOB], &(0x7f0000000080)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000280)={&(0x7f0000000080)='sched_switch\x00', r3}, 0x18) r4 = socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$tipc2(&(0x7f0000000040), r4) sendmsg$TIPC_NL_PUBL_GET(r4, &(0x7f00000014c0)={0x0, 0x0, &(0x7f0000001480)={&(0x7f0000000000)={0x14, r5, 0x341, 0x70bd28, 0x25dfdbfd}, 0x14}, 0x1, 0x0, 0x0, 0x20000814}, 0x14) mkdirat(0xffffffffffffff9c, &(0x7f0000002040)='./file0\x00', 0x0) mkdir(&(0x7f00000000c0)='./bus\x00', 0x0) mount$bind(&(0x7f00000002c0)='.\x00', &(0x7f0000000200)='./file0/../file0\x00', 0x0, 0x101091, 0x0) mkdir(&(0x7f0000000440)='./file1\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000080), 0x0, &(0x7f0000000a00)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}, {@nfs_export_on}]}) chdir(0x0) syz_emit_ethernet(0x0, 0x0, 0x0) rmdir(&(0x7f0000000380)='./file0/../file0\x00') ioctl$TIOCSETD(0xffffffffffffffff, 0x5423, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) 790.382223ms ago: executing program 2 (id=16): mkdir(&(0x7f0000000180)='./file0\x00', 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000000)='./file1\x00', 0x26) mkdir(&(0x7f0000000300)='./bus\x00', 0x0) mount$overlay(0x0, &(0x7f00000000c0)='./bus\x00', &(0x7f0000000340), 0x0, &(0x7f0000000080)={[{@workdir={'workdir', 0x3d, './bus'}}, {@lowerdir={'lowerdir', 0x3d, './file0'}}, {@upperdir={'upperdir', 0x3d, './file1'}}]}) chdir(&(0x7f0000000140)='./bus\x00') ioctl$BTRFS_IOC_GET_DEV_STATS(0xffffffffffffffff, 0xc4089434, &(0x7f0000000240)={0x0, 0x0, 0x0, [], [0x0, 0x0, 0x0, 0xfffffffffffffffd, 0x87, 0x0, 0x0, 0xc, 0x1, 0x1, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x822, 0x0, 0x0, 0x0, 0xfffffffffffffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x100, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x3d, 0x1, 0x6, 0x3, 0x0, 0x0, 0xffffffffff7ffffd, 0x0, 0x0, 0x0, 0x0, 0x0, 0xff, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x4, 0x0, 0x5, 0x5, 0x0, 0x8000000000000000, 0x3, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffff9, 0xfffffffffffffffe, 0x3d60, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x8, 0x0, 0x0, 0x0, 0x6, 0x4, 0xfffffffffffffffd, 0x0, 0x0, 0x0, 0x4, 0xfffffffffffffffd, 0x0, 0x0, 0x2, 0x0, 0x0, 0x0, 0x3fffffe, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xfffffffffffffffc, 0x0, 0x0, 0x7]}) r0 = openat$cgroup_ro(0xffffffffffffff9c, &(0x7f0000000040)='freezer.self_freezing\x00', 0x275a, 0x0) write$binfmt_script(r0, &(0x7f0000000280), 0x208e24b) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0x1000003, 0x28011, r0, 0x0) unshare(0x24020400) ioctl$FS_IOC_SETFLAGS(r0, 0xc0189436, &(0x7f0000000140)) 599.274144ms ago: executing program 2 (id=17): r0 = bpf$MAP_CREATE(0x0, &(0x7f0000004180)=ANY=[@ANYBLOB="02000000040000000700000002"], 0x48) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], &(0x7f0000000040)='syzkaller\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x2a, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000000)='sys_enter\x00', r1}, 0x10) io_setup(0xd837, &(0x7f0000000500)=0x0) io_destroy(r2) 406.774137ms ago: executing program 2 (id=18): mremap(&(0x7f0000001000/0x3000)=nil, 0x3000, 0x4000, 0x3, &(0x7f0000005000/0x4000)=nil) r0 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x8040, 0x0) ioctl$TCSETS(r0, 0x40045431, &(0x7f0000000040)={0x0, 0x0, 0x4, 0x0, 0x0, "ff00f7000000000000000000af88008300"}) r1 = syz_open_pts(r0, 0x141601) write(r1, &(0x7f0000000000)="d5", 0xfffffedf) 322.08899ms ago: executing program 2 (id=19): r0 = syz_usb_connect$hid(0x5, 0x36, &(0x7f0000000080)={{0x12, 0x1, 0x0, 0x0, 0x0, 0x0, 0x20, 0x56a, 0xd0, 0x0, 0x0, 0x0, 0x0, 0x1, [{{0x9, 0x2, 0x24, 0x1, 0x0, 0x0, 0x0, 0x6, [{{0x9, 0x4, 0x0, 0x2, 0x1, 0x3, 0x0, 0x0, 0x0, {0x9, 0x21, 0x0, 0x0, 0x1, {0x22, 0x5}}}}]}}]}}, 0x0) syz_usb_control_io$hid(r0, 0x0, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x4, &(0x7f00000000c0)=ANY=[@ANYBLOB="18000000000700000000000000000000850000002300000095"], &(0x7f00000001c0)='GPL\x00', 0x4, 0x8f, &(0x7f00000002c0)=""/143, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x80) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000100)={&(0x7f0000000080)='kfree\x00', r1}, 0x18) r2 = socket(0x1e, 0x4, 0x0) r3 = socket(0x1e, 0x2, 0x0) setsockopt$packet_tx_ring(r3, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0xfffffffc}, 0x10) setsockopt$packet_tx_ring(r2, 0x10f, 0x87, &(0x7f0000000440)=@req={0x3fc, 0x0, 0x2}, 0x10) sendmmsg(r2, &(0x7f00000030c0)=[{{0x0, 0xa9cc7003, &(0x7f0000000400)=[{&(0x7f00000000c0)="ee", 0x3514}], 0x1}}], 0x400000000000181, 0x9200000000000000) r4 = dup3(r3, r2, 0x0) ioctl$ifreq_SIOCGIFINDEX_team(r4, 0x8933, &(0x7f00000006c0)={'team0\x00', 0x0}) bpf$BPF_LINK_CREATE_XDP(0x1c, &(0x7f0000000700)={0xffffffffffffffff, r5, 0x25, 0x4, @void}, 0x10) recvmmsg(r4, &(0x7f0000008840)=[{{0x0, 0x0, &(0x7f0000000240)=[{&(0x7f0000000040)=""/8, 0x8}], 0x1}, 0xffffffff}], 0x1, 0x40000001, 0x0) sendmsg$IPCTNL_MSG_CT_GET_STATS(r4, &(0x7f0000000180)={&(0x7f0000000000)={0x10, 0x0, 0x0, 0x200000}, 0xc, &(0x7f0000000140)={&(0x7f0000000040)={0x14, 0x5, 0x1, 0x5, 0x0, 0x0, {0x5, 0x0, 0x1}, ["", ""]}, 0x14}, 0x1, 0x0, 0x0, 0x5040}, 0x800) bpf$MAP_CREATE_TAIL_CALL(0x0, 0x0, 0x50) syz_usb_control_io$hid(r0, &(0x7f0000002540)={0x24, 0x0, 0x0, &(0x7f00000013c0)={0x0, 0x22, 0x5, {[@main=@item_4={0x3, 0x0, 0x9, "83c5b03b"}]}}, 0x0}, 0x0) 266.20677ms ago: executing program 3 (id=20): r0 = openat$tun(0xffffffffffffff9c, &(0x7f0000000040), 0x20702, 0x0) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, 0x0, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000140)={0x0, r1}, 0x18) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r2 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r2, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r5 = bpf$MAP_CREATE(0x0, &(0x7f0000000300)=ANY=[@ANYBLOB="01000000040000000800000008"], 0x50) openat$vsock(0xffffffffffffff9c, &(0x7f0000000500), 0x121000, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000018110000", @ANYRES32=r5, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000000100000095"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x40, '\x00', 0x0, @fallback=0x16, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$MAP_UPDATE_ELEM_TAIL_CALL(0x2, &(0x7f0000000600)={{r5}, &(0x7f0000000000), &(0x7f00000005c0)}, 0x20) r6 = bpf$PROG_LOAD(0x5, &(0x7f0000000380)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000180)='syzkaller\x00', 0x0, 0x0, 0x0, 0x82000, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000080)={&(0x7f0000000040)='sched_switch\x00', r6}, 0x10) ioctl$TUNSETIFF(r0, 0x400454ca, &(0x7f0000000080)={'syzkaller0\x00', 0xca58c30f81b6079f}) close(r0) 261.295969ms ago: executing program 0 (id=21): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, 0x0, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000000)={&(0x7f00000002c0)='kfree\x00', r0}, 0x10) r1 = openat$sysfs(0xffffff9c, &(0x7f0000000240)='/sys/kernel/notes', 0x880, 0xff) finit_module(r1, 0x0, 0x3) 191.249874ms ago: executing program 0 (id=22): prlimit64(0x0, 0xe, 0x0, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f0000000280)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000540)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, 0x0, 0x0, 0x0) recvmmsg(r1, &(0x7f0000000480), 0x400034f, 0x2, 0x0) r3 = bpf$MAP_CREATE(0x0, &(0x7f00000000c0)=@base={0x1b, 0x0, 0x0, 0x8000, 0x0, 0xffffffffffffffff, 0x0, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x48) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0x7, &(0x7f0000000240)=@framed={{}, [@ringbuf_query={{0x18, 0x1, 0x1, 0x0, r3}}]}, &(0x7f0000000200)='GPL\x00', 0x0, 0x0, 0x0, 0x40f00, 0x1, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000740)={&(0x7f00000006c0)='sched_switch\x00', r4}, 0x10) socket$nl_route(0x10, 0x3, 0x0) bpf$PROG_LOAD(0x5, &(0x7f0000000480)={0x11, 0xb, &(0x7f0000000180)=ANY=[@ANYBLOB], 0x0, 0x0, 0x0, 0x0, 0x40f00, 0xe, '\x00', 0x0, @fallback=0x37, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) add_key$fscrypt_v1(&(0x7f0000000000), 0x0, 0x0, 0x0, 0xfffffffffffffffe) syz_open_procfs(0x0, &(0x7f0000000000)='net/vlan/vlan0\x00') 0s ago: executing program 1 (id=23): prlimit64(0x0, 0xe, &(0x7f0000000140)={0xa, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = bpf$MAP_CREATE_CONST_STR(0x1800000000000000, &(0x7f0000000240)={0x2, 0x4, 0x8, 0x1, 0x80, 0x0, 0x3, '\x00', 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, @void, @value, @void, @value}, 0x50) bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x0, 0x10, &(0x7f0000000580)=@framed={{0x18, 0x5}, [@snprintf={{}, {}, {}, {}, {}, {}, {}, {}, {}, {0x18, 0x3, 0x2, 0x0, r3}, {0x7, 0x0, 0xb, 0x4}, {0x85, 0x0, 0x0, 0x95}}]}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) r4 = bpf$PROG_LOAD(0x5, &(0x7f00000004c0)={0x11, 0x10, &(0x7f0000000580)=ANY=[], &(0x7f0000000600)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={&(0x7f0000000140)='sched_switch\x00', r4}, 0x10) r5 = socket$inet_udp(0x2, 0x2, 0x0) setsockopt$inet_MCAST_JOIN_GROUP(r5, 0x0, 0x2a, &(0x7f0000000180)={0x2, {{0x2, 0x0, @multicast2}}}, 0x88) setsockopt$inet_MCAST_MSFILTER(r5, 0x0, 0x30, &(0x7f0000000600)=ANY=[@ANYBLOB="020000000000000002000000e0000002"], 0x110) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:33124' (ED25519) to the list of known hosts. [ 42.057430][ T5887] cgroup: Unknown subsys name 'net' [ 42.238704][ T5887] cgroup: Unknown subsys name 'cpuset' [ 42.243666][ T5887] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 43.110610][ T5887] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 46.529505][ T5951] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 46.532051][ T5951] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 46.535841][ T5954] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 46.538486][ T5954] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 46.539973][ T5952] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 46.541149][ T5954] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 46.544617][ T5952] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 46.546253][ T5954] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 46.548638][ T5952] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 46.551312][ T5954] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 46.553272][ T5952] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 46.555498][ T5954] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 46.558831][ T5952] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 46.560984][ T5954] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 46.563566][ T5952] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 46.565713][ T5959] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 46.567886][ T5952] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 46.570895][ T5959] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 46.576720][ T5959] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 46.582775][ T5946] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 46.887327][ T5943] chnl_net:caif_netlink_parms(): no params data found [ 46.900541][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 47.067019][ T5956] chnl_net:caif_netlink_parms(): no params data found [ 47.079867][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.082252][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.084706][ T5943] bridge_slave_0: entered allmulticast mode [ 47.087865][ T5943] bridge_slave_0: entered promiscuous mode [ 47.119917][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.122269][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.124707][ T5943] bridge_slave_1: entered allmulticast mode [ 47.127496][ T5943] bridge_slave_1: entered promiscuous mode [ 47.226877][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.229819][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.232505][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.234767][ T5942] bridge_slave_0: entered allmulticast mode [ 47.238689][ T5942] bridge_slave_0: entered promiscuous mode [ 47.241678][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.243927][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.246463][ T5942] bridge_slave_1: entered allmulticast mode [ 47.249086][ T5942] bridge_slave_1: entered promiscuous mode [ 47.259243][ T5941] chnl_net:caif_netlink_parms(): no params data found [ 47.279083][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.372678][ T5956] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.375037][ T5956] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.377304][ T5956] bridge_slave_0: entered allmulticast mode [ 47.379943][ T5956] bridge_slave_0: entered promiscuous mode [ 47.383277][ T5956] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.385804][ T5956] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.388055][ T5956] bridge_slave_1: entered allmulticast mode [ 47.390847][ T5956] bridge_slave_1: entered promiscuous mode [ 47.394494][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.407739][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.412629][ T5943] team0: Port device team_slave_0 added [ 47.493636][ T5943] team0: Port device team_slave_1 added [ 47.532095][ T5942] team0: Port device team_slave_0 added [ 47.558618][ T5956] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.566878][ T5942] team0: Port device team_slave_1 added [ 47.570236][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.573119][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.582117][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.587952][ T5956] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.645511][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.648410][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.657431][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.724887][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.727201][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.736733][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.744241][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.746541][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.754508][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.761344][ T5956] team0: Port device team_slave_0 added [ 47.765433][ T5941] bridge0: port 1(bridge_slave_0) entered blocking state [ 47.767653][ T5941] bridge0: port 1(bridge_slave_0) entered disabled state [ 47.769776][ T5941] bridge_slave_0: entered allmulticast mode [ 47.772350][ T5941] bridge_slave_0: entered promiscuous mode [ 47.776358][ T5941] bridge0: port 2(bridge_slave_1) entered blocking state [ 47.778585][ T5941] bridge0: port 2(bridge_slave_1) entered disabled state [ 47.780815][ T5941] bridge_slave_1: entered allmulticast mode [ 47.783373][ T5941] bridge_slave_1: entered promiscuous mode [ 47.790464][ T5956] team0: Port device team_slave_1 added [ 47.849019][ T5941] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 47.853494][ T5941] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 47.870531][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 47.872734][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.882030][ T5956] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 47.901309][ T5943] hsr_slave_0: entered promiscuous mode [ 47.904050][ T5943] hsr_slave_1: entered promiscuous mode [ 47.930108][ T5956] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 47.932320][ T5956] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 47.940395][ T5956] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 47.990834][ T5942] hsr_slave_0: entered promiscuous mode [ 47.993361][ T5942] hsr_slave_1: entered promiscuous mode [ 47.995776][ T5942] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 47.998236][ T5942] Cannot create hsr debugfs directory [ 48.001504][ T5941] team0: Port device team_slave_0 added [ 48.027660][ T5941] team0: Port device team_slave_1 added [ 48.115591][ T5956] hsr_slave_0: entered promiscuous mode [ 48.117904][ T5956] hsr_slave_1: entered promiscuous mode [ 48.120400][ T5956] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 48.122754][ T5956] Cannot create hsr debugfs directory [ 48.164515][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 48.166857][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.174781][ T5941] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 48.183700][ T5941] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 48.186411][ T5941] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 48.197592][ T5941] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 48.333253][ T5941] hsr_slave_0: entered promiscuous mode [ 48.335535][ T5941] hsr_slave_1: entered promiscuous mode [ 48.337629][ T5941] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 48.339966][ T5941] Cannot create hsr debugfs directory [ 48.507560][ T5943] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 48.513604][ T5943] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 48.531549][ T5943] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 48.539170][ T5943] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 48.566411][ T5942] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 48.571908][ T5942] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 48.577898][ T5942] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 48.583828][ T5942] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 48.596037][ T5946] Bluetooth: hci0: command tx timeout [ 48.597247][ T67] Bluetooth: hci1: command tx timeout [ 48.605167][ T67] Bluetooth: hci3: command tx timeout [ 48.606305][ T5946] Bluetooth: hci2: command tx timeout [ 48.624419][ T5956] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 48.628832][ T5956] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 48.633077][ T5956] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 48.637416][ T5956] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 48.677437][ T5941] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 48.681702][ T5941] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 48.688680][ T5941] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 48.692682][ T5941] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 48.750402][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.761079][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.783499][ T5943] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.791497][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.795792][ T93] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.798151][ T93] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.804030][ T5941] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.810149][ T5956] 8021q: adding VLAN 0 to HW filter on device bond0 [ 48.819392][ T93] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.821905][ T93] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.827608][ T93] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.829857][ T93] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.843075][ T1167] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.845503][ T1167] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.853736][ T5941] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.866803][ T5956] 8021q: adding VLAN 0 to HW filter on device team0 [ 48.877358][ T93] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.879637][ T93] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.883019][ T93] bridge0: port 1(bridge_slave_0) entered blocking state [ 48.885366][ T93] bridge0: port 1(bridge_slave_0) entered forwarding state [ 48.898311][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.900698][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 48.906185][ T46] bridge0: port 2(bridge_slave_1) entered blocking state [ 48.908533][ T46] bridge0: port 2(bridge_slave_1) entered forwarding state [ 49.042114][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.052218][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.085537][ T5943] veth0_vlan: entered promiscuous mode [ 49.102466][ T5942] veth0_vlan: entered promiscuous mode [ 49.113935][ T5956] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.121062][ T5943] veth1_vlan: entered promiscuous mode [ 49.129301][ T5941] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 49.132356][ T5942] veth1_vlan: entered promiscuous mode [ 49.169717][ T5941] veth0_vlan: entered promiscuous mode [ 49.176254][ T5943] veth0_macvtap: entered promiscuous mode [ 49.179378][ T5942] veth0_macvtap: entered promiscuous mode [ 49.187519][ T5943] veth1_macvtap: entered promiscuous mode [ 49.191061][ T5941] veth1_vlan: entered promiscuous mode [ 49.194431][ T5942] veth1_macvtap: entered promiscuous mode [ 49.209603][ T5956] veth0_vlan: entered promiscuous mode [ 49.217208][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.222597][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.226332][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.230184][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.234246][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.240895][ T5943] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.243686][ T5943] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.246607][ T5943] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.249313][ T5943] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.254846][ T5942] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.258725][ T5942] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.262585][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.265752][ T5956] veth1_vlan: entered promiscuous mode [ 49.279282][ T5941] veth0_macvtap: entered promiscuous mode [ 49.282072][ T5942] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.286266][ T5942] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.289184][ T5942] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.291965][ T5942] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.306893][ T5941] veth1_macvtap: entered promiscuous mode [ 49.346377][ T93] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.346946][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.349379][ T1147] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.352233][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.354592][ T93] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.354996][ T1147] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.358968][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.365682][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.369526][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.388657][ T5956] veth0_macvtap: entered promiscuous mode [ 49.405512][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.408900][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.411890][ T5941] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.416608][ T5941] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.421630][ T5941] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.424760][ T93] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.428204][ T93] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.431710][ T5956] veth1_macvtap: entered promiscuous mode [ 49.436229][ T5941] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.437260][ T63] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.442353][ T5941] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.442875][ T63] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.449494][ T5941] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.452208][ T5941] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.477862][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.482159][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.486575][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.490709][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.494709][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 49.499557][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.505503][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 49.515979][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.519542][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.520991][ T5943] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 49.522564][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.522575][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.522582][ T5956] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 49.538739][ T5956] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 49.542562][ T5956] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 49.547027][ T5956] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.549790][ T5956] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.552536][ T5956] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.555720][ T5956] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 49.618817][ T1167] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.626586][ T1167] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.652140][ T1133] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.656663][ T1133] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.674951][ T1167] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.675643][ T6010] process 'syz.1.5' launched '/dev/fd/3' with NULL argv: empty string added [ 49.677375][ T1167] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.687010][ T1133] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 49.690065][ T1133] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 49.785891][ T6013] netlink: 4 bytes leftover after parsing attributes in process `syz.0.1'. [ 50.389020][ T6023] input: syz0 as /devices/virtual/input/input5 [ 50.675068][ T5946] Bluetooth: hci3: command tx timeout [ 50.675125][ T67] Bluetooth: hci1: command tx timeout [ 50.676928][ T5946] Bluetooth: hci0: command tx timeout [ 50.685392][ T67] Bluetooth: hci2: command tx timeout [ 51.280320][ T40] audit: type=1326 audit(1747329591.395:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.3.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 51.287252][ T40] audit: type=1326 audit(1747329591.395:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.3.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 51.295314][ T40] audit: type=1326 audit(1747329591.395:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.3.13" exe="/syz-executor" sig=0 arch=40000003 syscall=360 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 51.303754][ T40] audit: type=1326 audit(1747329591.395:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.3.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 51.311892][ T40] audit: type=1326 audit(1747329591.395:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.3.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 51.320252][ T40] audit: type=1326 audit(1747329591.395:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.3.13" exe="/syz-executor" sig=0 arch=40000003 syscall=41 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 51.327648][ T40] audit: type=1326 audit(1747329591.395:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.3.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 51.336559][ T40] audit: type=1326 audit(1747329591.395:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.3.13" exe="/syz-executor" sig=0 arch=40000003 syscall=4 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 51.344093][ T40] audit: type=1326 audit(1747329591.395:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.3.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 51.352362][ T40] audit: type=1326 audit(1747329591.395:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=6041 comm="syz.3.13" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf702e579 code=0x7ffc0000 [ 52.222419][ T6063] Invalid ELF header magic: != ELF [ 52.364989][ T64] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 52.525040][ T64] usb 7-1: Using ep0 maxpacket: 32 [ 52.528829][ T64] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 52.532165][ T64] usb 7-1: config 0 interface 0 altsetting 2 endpoint 0x81 has invalid wMaxPacketSize 0 [ 52.535260][ T64] usb 7-1: config 0 interface 0 has no altsetting 0 [ 52.537392][ T64] usb 7-1: New USB device found, idVendor=056a, idProduct=00d0, bcdDevice= 0.00 [ 52.540163][ T64] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 52.557229][ T64] usb 7-1: config 0 descriptor?? [ 52.765197][ T67] Bluetooth: hci0: command tx timeout [ 52.765218][ T5954] Bluetooth: hci3: command tx timeout [ 52.767622][ T67] Bluetooth: hci2: command tx timeout [ 52.769415][ T5946] Bluetooth: hci1: command tx timeout [ 53.030715][ T64] ------------[ cut here ]------------ [ 53.032765][ T64] UBSAN: shift-out-of-bounds in ./include/linux/log2.h:57:13 [ 53.035279][ T64] shift exponent 64 is too large for 64-bit type 'long unsigned int' [ 53.039973][ T64] CPU: 1 UID: 0 PID: 64 Comm: kworker/1:1 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) [ 53.039988][ T64] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 53.039995][ T64] Workqueue: usb_hub_wq hub_event [ 53.040012][ T64] Call Trace: [ 53.040017][ T64] [ 53.040021][ T64] dump_stack_lvl+0x16c/0x1f0 [ 53.040039][ T64] __ubsan_handle_shift_out_of_bounds+0x27f/0x420 [ 53.040059][ T64] __kfifo_alloc.cold+0x18/0x1d [ 53.040073][ T64] wacom_parse_and_register+0x28e/0x5d10 [ 53.040085][ T64] ? kfree+0x2b6/0x4d0 [ 53.040095][ T64] ? __pfx___might_resched+0x10/0x10 [ 53.040106][ T64] ? vfree+0x316/0x960 [ 53.040128][ T64] ? fetch_item+0x1bb/0x530 [ 53.040147][ T64] ? __pfx_wacom_parse_and_register+0x10/0x10 [ 53.040159][ T64] ? __pfx_hid_open_report+0x10/0x10 [ 53.040169][ T64] ? mark_held_locks+0x49/0x80 [ 53.040184][ T64] ? lockdep_init_map_type+0x5c/0x280 [ 53.040201][ T64] wacom_probe+0xa1c/0xe10 [ 53.040213][ T64] ? __pfx_wacom_probe+0x10/0x10 [ 53.040222][ T64] hid_device_probe+0x357/0x710 [ 53.040235][ T64] ? __pfx_hid_device_probe+0x10/0x10 [ 53.040248][ T64] really_probe+0x241/0xa90 [ 53.040263][ T64] __driver_probe_device+0x1de/0x440 [ 53.040276][ T64] driver_probe_device+0x4c/0x1b0 [ 53.040289][ T64] __device_attach_driver+0x1df/0x310 [ 53.040303][ T64] ? __pfx___device_attach_driver+0x10/0x10 [ 53.040314][ T64] bus_for_each_drv+0x159/0x1e0 [ 53.040331][ T64] ? __pfx_bus_for_each_drv+0x10/0x10 [ 53.040349][ T64] ? lockdep_hardirqs_on+0x7c/0x110 [ 53.040363][ T64] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 53.040381][ T64] __device_attach+0x1e4/0x4b0 [ 53.040393][ T64] ? __pfx___device_attach+0x10/0x10 [ 53.040406][ T64] ? do_raw_spin_unlock+0x172/0x230 [ 53.040425][ T64] bus_probe_device+0x17f/0x1c0 [ 53.040464][ T64] device_add+0x1148/0x1a70 [ 53.040481][ T64] ? __pfx_device_add+0x10/0x10 [ 53.040496][ T64] ? debugfs_create_file_full+0x41/0x60 [ 53.040516][ T64] hid_add_device+0x373/0xa60 [ 53.040527][ T64] ? __pfx_hid_add_device+0x10/0x10 [ 53.040536][ T64] ? lockdep_init_map_type+0x5c/0x280 [ 53.040551][ T64] ? lockdep_init_map_type+0x5c/0x280 [ 53.040567][ T64] usbhid_probe+0xd38/0x13f0 [ 53.040586][ T64] usb_probe_interface+0x300/0x9c0 [ 53.040604][ T64] ? __pfx_usb_probe_interface+0x10/0x10 [ 53.040621][ T64] really_probe+0x241/0xa90 [ 53.040634][ T64] __driver_probe_device+0x1de/0x440 [ 53.040648][ T64] driver_probe_device+0x4c/0x1b0 [ 53.040661][ T64] __device_attach_driver+0x1df/0x310 [ 53.040674][ T64] ? __pfx___device_attach_driver+0x10/0x10 [ 53.040686][ T64] bus_for_each_drv+0x159/0x1e0 [ 53.040703][ T64] ? __pfx_bus_for_each_drv+0x10/0x10 [ 53.040724][ T64] ? lockdep_hardirqs_on+0x7c/0x110 [ 53.040739][ T64] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 53.040754][ T64] __device_attach+0x1e4/0x4b0 [ 53.040767][ T64] ? __pfx___device_attach+0x10/0x10 [ 53.040780][ T64] ? do_raw_spin_unlock+0x172/0x230 [ 53.040799][ T64] bus_probe_device+0x17f/0x1c0 [ 53.040811][ T64] device_add+0x1148/0x1a70 [ 53.040826][ T64] ? __pfx_device_add+0x10/0x10 [ 53.040841][ T64] ? mark_held_locks+0x49/0x80 [ 53.040858][ T64] usb_set_configuration+0x1187/0x1e20 [ 53.040882][ T64] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 53.040894][ T64] usb_generic_driver_probe+0xb1/0x110 [ 53.040906][ T64] usb_probe_device+0xec/0x3e0 [ 53.040920][ T64] ? __pfx_usb_probe_device+0x10/0x10 [ 53.040935][ T64] really_probe+0x241/0xa90 [ 53.040949][ T64] __driver_probe_device+0x1de/0x440 [ 53.040960][ T64] ? usb_driver_applicable+0x1c7/0x220 [ 53.040977][ T64] driver_probe_device+0x4c/0x1b0 [ 53.040990][ T64] __device_attach_driver+0x1df/0x310 [ 53.041004][ T64] ? __pfx___device_attach_driver+0x10/0x10 [ 53.041015][ T64] bus_for_each_drv+0x159/0x1e0 [ 53.041032][ T64] ? __pfx_bus_for_each_drv+0x10/0x10 [ 53.041049][ T64] ? lockdep_hardirqs_on+0x7c/0x110 [ 53.041064][ T64] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 53.041079][ T64] __device_attach+0x1e4/0x4b0 [ 53.041092][ T64] ? __pfx___device_attach+0x10/0x10 [ 53.041105][ T64] ? do_raw_spin_unlock+0x172/0x230 [ 53.041123][ T64] bus_probe_device+0x17f/0x1c0 [ 53.041135][ T64] device_add+0x1148/0x1a70 [ 53.041151][ T64] ? __pfx_device_add+0x10/0x10 [ 53.041165][ T64] ? usb_detect_static_quirks+0x335/0x3e0 [ 53.041179][ T64] ? __usb_get_extra_descriptor+0x158/0x1c0 [ 53.041198][ T64] usb_new_device+0xd07/0x1a20 [ 53.041214][ T64] ? do_raw_spin_lock+0x12c/0x2b0 [ 53.041229][ T64] ? __pfx_usb_new_device+0x10/0x10 [ 53.041244][ T64] ? mark_held_locks+0x49/0x80 [ 53.041259][ T64] hub_event+0x2eb7/0x4fa0 [ 53.041287][ T64] ? __pfx_hub_event+0x10/0x10 [ 53.041301][ T64] ? debug_object_deactivate+0x1ec/0x3a0 [ 53.041319][ T64] ? rcu_is_watching+0x12/0xc0 [ 53.041331][ T64] process_one_work+0x9cc/0x1b70 [ 53.041353][ T64] ? __pfx_hcd_resume_work+0x10/0x10 [ 53.041368][ T64] ? __pfx_process_one_work+0x10/0x10 [ 53.041389][ T64] ? assign_work+0x1a0/0x250 [ 53.041406][ T64] worker_thread+0x6c8/0xf10 [ 53.041427][ T64] ? __kthread_parkme+0x19e/0x250 [ 53.041440][ T64] ? __pfx_worker_thread+0x10/0x10 [ 53.041457][ T64] kthread+0x3c5/0x780 [ 53.041472][ T64] ? __pfx_kthread+0x10/0x10 [ 53.041486][ T64] ? __pfx_kthread+0x10/0x10 [ 53.041500][ T64] ? __pfx_kthread+0x10/0x10 [ 53.041514][ T64] ? __pfx_kthread+0x10/0x10 [ 53.041528][ T64] ? rcu_is_watching+0x12/0xc0 [ 53.041537][ T64] ? __pfx_kthread+0x10/0x10 [ 53.041552][ T64] ret_from_fork+0x48/0x80 [ 53.041562][ T64] ? __pfx_kthread+0x10/0x10 [ 53.041577][ T64] ret_from_fork_asm+0x1a/0x30 [ 53.041599][ T64] [ 53.041603][ T64] ---[ end trace ]--- [ 53.299179][ T64] Kernel panic - not syncing: UBSAN: panic_on_warn set ... [ 53.301460][ T64] CPU: 1 UID: 0 PID: 64 Comm: kworker/1:1 Not tainted 6.15.0-rc6-syzkaller-00105-g088d13246a46 #0 PREEMPT(full) [ 53.305114][ T64] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 53.308475][ T64] Workqueue: usb_hub_wq hub_event [ 53.310072][ T64] Call Trace: [ 53.311135][ T64] [ 53.312095][ T64] dump_stack_lvl+0x3d/0x1f0 [ 53.313576][ T64] panic+0x71c/0x800 [ 53.314823][ T64] ? __pfx_panic+0x10/0x10 [ 53.316266][ T64] ? __pfx__printk+0x10/0x10 [ 53.317759][ T64] ? check_panic_on_warn+0x1f/0xb0 [ 53.319376][ T64] check_panic_on_warn+0xab/0xb0 [ 53.320973][ T64] __ubsan_handle_shift_out_of_bounds+0x2a6/0x420 [ 53.322953][ T64] __kfifo_alloc.cold+0x18/0x1d [ 53.324487][ T64] wacom_parse_and_register+0x28e/0x5d10 [ 53.326283][ T64] ? kfree+0x2b6/0x4d0 [ 53.327577][ T64] ? __pfx___might_resched+0x10/0x10 [ 53.329244][ T64] ? vfree+0x316/0x960 [ 53.330542][ T64] ? fetch_item+0x1bb/0x530 [ 53.331982][ T64] ? __pfx_wacom_parse_and_register+0x10/0x10 [ 53.333901][ T64] ? __pfx_hid_open_report+0x10/0x10 [ 53.335555][ T64] ? mark_held_locks+0x49/0x80 [ 53.337108][ T64] ? lockdep_init_map_type+0x5c/0x280 [ 53.338815][ T64] wacom_probe+0xa1c/0xe10 [ 53.340230][ T64] ? __pfx_wacom_probe+0x10/0x10 [ 53.341803][ T64] hid_device_probe+0x357/0x710 [ 53.343346][ T64] ? __pfx_hid_device_probe+0x10/0x10 [ 53.345045][ T64] really_probe+0x241/0xa90 [ 53.346523][ T64] __driver_probe_device+0x1de/0x440 [ 53.348196][ T64] driver_probe_device+0x4c/0x1b0 [ 53.349790][ T64] __device_attach_driver+0x1df/0x310 [ 53.351480][ T64] ? __pfx___device_attach_driver+0x10/0x10 [ 53.353345][ T64] bus_for_each_drv+0x159/0x1e0 [ 53.354893][ T64] ? __pfx_bus_for_each_drv+0x10/0x10 [ 53.356635][ T64] ? lockdep_hardirqs_on+0x7c/0x110 [ 53.358294][ T64] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 53.360126][ T64] __device_attach+0x1e4/0x4b0 [ 53.361647][ T64] ? __pfx___device_attach+0x10/0x10 [ 53.363320][ T64] ? do_raw_spin_unlock+0x172/0x230 [ 53.364988][ T64] bus_probe_device+0x17f/0x1c0 [ 53.366558][ T64] device_add+0x1148/0x1a70 [ 53.368019][ T64] ? __pfx_device_add+0x10/0x10 [ 53.369572][ T64] ? debugfs_create_file_full+0x41/0x60 [ 53.371323][ T64] hid_add_device+0x373/0xa60 [ 53.372833][ T64] ? __pfx_hid_add_device+0x10/0x10 [ 53.374475][ T64] ? lockdep_init_map_type+0x5c/0x280 [ 53.376199][ T64] ? lockdep_init_map_type+0x5c/0x280 [ 53.377912][ T64] usbhid_probe+0xd38/0x13f0 [ 53.379373][ T64] usb_probe_interface+0x300/0x9c0 [ 53.381011][ T64] ? __pfx_usb_probe_interface+0x10/0x10 [ 53.382762][ T64] really_probe+0x241/0xa90 [ 53.384209][ T64] __driver_probe_device+0x1de/0x440 [ 53.386022][ T64] driver_probe_device+0x4c/0x1b0 [ 53.387652][ T64] __device_attach_driver+0x1df/0x310 [ 53.389453][ T64] ? __pfx___device_attach_driver+0x10/0x10 [ 53.391393][ T64] bus_for_each_drv+0x159/0x1e0 [ 53.392973][ T64] ? __pfx_bus_for_each_drv+0x10/0x10 [ 53.394683][ T64] ? lockdep_hardirqs_on+0x7c/0x110 [ 53.396331][ T64] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 53.398194][ T64] __device_attach+0x1e4/0x4b0 [ 53.399717][ T64] ? __pfx___device_attach+0x10/0x10 [ 53.401387][ T64] ? do_raw_spin_unlock+0x172/0x230 [ 53.403035][ T64] bus_probe_device+0x17f/0x1c0 [ 53.404589][ T64] device_add+0x1148/0x1a70 [ 53.406063][ T64] ? __pfx_device_add+0x10/0x10 [ 53.407599][ T64] ? mark_held_locks+0x49/0x80 [ 53.409132][ T64] usb_set_configuration+0x1187/0x1e20 [ 53.410853][ T64] ? __pfx_usb_generic_driver_probe+0x10/0x10 [ 53.412765][ T64] usb_generic_driver_probe+0xb1/0x110 [ 53.414470][ T64] usb_probe_device+0xec/0x3e0 [ 53.415982][ T64] ? __pfx_usb_probe_device+0x10/0x10 [ 53.417687][ T64] really_probe+0x241/0xa90 [ 53.419104][ T64] __driver_probe_device+0x1de/0x440 [ 53.420765][ T64] ? usb_driver_applicable+0x1c7/0x220 [ 53.422469][ T64] driver_probe_device+0x4c/0x1b0 [ 53.424065][ T64] __device_attach_driver+0x1df/0x310 [ 53.425783][ T64] ? __pfx___device_attach_driver+0x10/0x10 [ 53.427636][ T64] bus_for_each_drv+0x159/0x1e0 [ 53.429181][ T64] ? __pfx_bus_for_each_drv+0x10/0x10 [ 53.430875][ T64] ? lockdep_hardirqs_on+0x7c/0x110 [ 53.432525][ T64] ? _raw_spin_unlock_irqrestore+0x3b/0x80 [ 53.434343][ T64] __device_attach+0x1e4/0x4b0 [ 53.435880][ T64] ? __pfx___device_attach+0x10/0x10 [ 53.437555][ T64] ? do_raw_spin_unlock+0x172/0x230 [ 53.439197][ T64] bus_probe_device+0x17f/0x1c0 [ 53.440735][ T64] device_add+0x1148/0x1a70 [ 53.442170][ T64] ? __pfx_device_add+0x10/0x10 [ 53.443711][ T64] ? usb_detect_static_quirks+0x335/0x3e0 [ 53.445495][ T64] ? __usb_get_extra_descriptor+0x158/0x1c0 [ 53.447360][ T64] usb_new_device+0xd07/0x1a20 [ 53.448890][ T64] ? do_raw_spin_lock+0x12c/0x2b0 [ 53.450462][ T64] ? __pfx_usb_new_device+0x10/0x10 [ 53.452091][ T64] ? mark_held_locks+0x49/0x80 [ 53.453625][ T64] hub_event+0x2eb7/0x4fa0 [ 53.455049][ T64] ? __pfx_hub_event+0x10/0x10 [ 53.456621][ T64] ? debug_object_deactivate+0x1ec/0x3a0 [ 53.458400][ T64] ? rcu_is_watching+0x12/0xc0 [ 53.459907][ T64] process_one_work+0x9cc/0x1b70 [ 53.461490][ T64] ? __pfx_hcd_resume_work+0x10/0x10 [ 53.463157][ T64] ? __pfx_process_one_work+0x10/0x10 [ 53.464851][ T64] ? assign_work+0x1a0/0x250 [ 53.466317][ T64] worker_thread+0x6c8/0xf10 [ 53.467793][ T64] ? __kthread_parkme+0x19e/0x250 [ 53.469386][ T64] ? __pfx_worker_thread+0x10/0x10 [ 53.470997][ T64] kthread+0x3c5/0x780 [ 53.472294][ T64] ? __pfx_kthread+0x10/0x10 [ 53.473771][ T64] ? __pfx_kthread+0x10/0x10 [ 53.475223][ T64] ? __pfx_kthread+0x10/0x10 [ 53.476717][ T64] ? __pfx_kthread+0x10/0x10 [ 53.478181][ T64] ? rcu_is_watching+0x12/0xc0 [ 53.479691][ T64] ? __pfx_kthread+0x10/0x10 [ 53.481164][ T64] ret_from_fork+0x48/0x80 [ 53.482569][ T64] ? __pfx_kthread+0x10/0x10 [ 53.484034][ T64] ret_from_fork_asm+0x1a/0x30 [ 53.485569][ T64] [ 53.487209][ T64] Kernel Offset: disabled [ 53.488610][ T64] Rebooting in 86400 seconds.. VM DIAGNOSIS: 17:19:53 Registers: info registers vcpu 0 CPU#0 RAX=dffffc0000000000 RBX=0000000000000001 RCX=ffffc90004700000 RDX=1ffff920008dfdbb RSI=ffffc900046fee28 RDI=ffffc900046fedd8 RBP=0000000000000000 RSP=ffffc900046fecd8 R8 =0000000000000001 R9 =0000000000000000 R10=0000000000000001 R11=00000000000060c4 R12=ffffc900046fede8 R13=ffffc900046fed98 R14=ffffc900046fee38 R15=ffffc900046fedcc RIP=ffffffff8169a7a1 RFL=00000246 [---Z-P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff8880977ea000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000800013c0 CR3=000000006eaf9000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000000020 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff854c3af5 RDI=ffffffff9ade1c40 RBP=ffffffff9ade1c00 RSP=ffffc9000083e4b0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000000 R12=0000000000000000 R13=0000000000000020 R14=ffffffff9ade1c00 R15=ffffffff854c3a90 RIP=ffffffff854c3b1f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880978ea000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f50b3528 CR3=0000000044c1a000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=00000000c0c1c200 Opmask01=00000000000000ff Opmask02=00000000fffffeff Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005617f7445ce0 00005617f7445ce0 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00005617f742d110 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f63ff1f1b20 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00000000ff000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007f63ff152c80 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3044303030303030 7041363530303030 3076313031306733 303030623a646968 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0030443030303030 3070413635303030 3030763130313067 33303030623a6469 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 410b080d0d0d0d0d 4b0c0d0c0d5a0e0d 0d0d5f0759545500 5341494c41444f4d ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 376273752f322e64 63685f796d6d7564 2f6d726f6674616c 702f736563697665 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 003a756b733a322e 392d3533712d6370 7276633a3174633a 554d45516e76633a ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 322e392d3533712d 63707276703a2939 3030322c39484349 2b35335128435064 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 7261646e6174536e 703a554d45516e76 733a302e3072623a 343130322f31302f ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 343064623a312b32 316f70627e322d33 2e36312e312d6e61 696265642d332e36 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 323032302c313032 302c394631302c32 4331302c38423130 2c464131302c4541 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=0000000000062f01 RBX=0000000000000002 RCX=ffffffff8b6973e9 RDX=0000000000000000 RSI=ffffffff8dbdccdf RDI=ffffffff8bf47460 RBP=ffffed1003b51910 RSP=ffffc9000047fdf8 R8 =0000000000000001 R9 =ffffed10056865bd R10=ffff88802b432deb R11=0000000000000000 R12=0000000000000002 R13=ffff88801da8c880 R14=ffffffff90851f10 R15=0000000000000000 RIP=ffffffff8b695c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff8880979ea000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=00000000f50b5da4 CR3=00000000506ae000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=00000000000567cd RBX=0000000000000003 RCX=ffffffff8b6973e9 RDX=0000000000000000 RSI=ffffffff8dbdccdf RDI=ffffffff8bf47460 RBP=ffffed10037f2000 RSP=ffffc9000048fdf8 R8 =0000000000000001 R9 =ffffed10056a65bd R10=ffff88802b532deb R11=0000000000000000 R12=0000000000000003 R13=ffff88801bf90000 R14=ffffffff90851f10 R15=0000000000000000 RIP=ffffffff8b695c7f RFL=00000282 [--S----] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff888097aea000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 00000fff CR0=80050033 CR2=0000000000000000 CR3=0000000068b41000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000