last executing test programs: 3.149864717s ago: executing program 0 (id=279): r0 = syz_init_net_socket$llc(0x1a, 0x0, 0x0) accept4$llc(r0, 0x0, &(0x7f0000000040), 0x80000) socket$nl_netfilter(0x10, 0x3, 0xc) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$PROG_LOAD(0x5, 0x0, 0x0) sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) r4 = syz_init_net_socket$nl_generic(0x10, 0x3, 0x10) r5 = syz_genetlink_get_family_id$netlbl_unlabel(&(0x7f0000003100), r4) sendmsg$NLBL_UNLABEL_C_STATICREMOVE(r4, &(0x7f0000003240)={0x0, 0x0, &(0x7f0000003200)={&(0x7f0000000300)=ANY=[@ANYBLOB='P\x00\x00\x00', @ANYRES16=r5, @ANYBLOB="010000000000000000000400000014000200fc000000000000000000000000000000140006006272696467655f736c6176655f31000014000300fe88000000000000000000000000000129c42e74ab50cdb1388217734e96ab39b03d786b1197aa48ccf30b80a9357c742323f0dd2daec038bd82d3ced6d2b34e909701a841"], 0x50}}, 0x0) r6 = syz_open_dev$usbmon(&(0x7f00000001c0), 0x5, 0x500) ioctl$MON_IOCG_STATS(r6, 0x80089203, &(0x7f0000000240)) openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) ioctl$KVM_IRQFD(0xffffffffffffffff, 0x4020ae76, 0x0) socket$kcm(0x10, 0x3, 0x10) r7 = openat$ptmx(0xffffffffffffff9c, &(0x7f0000000180), 0x482, 0x0) ioctl$TCSETS(r7, 0x5402, &(0x7f0000000000)={0x0, 0x0, 0x0, 0x0, 0x0, "db8f2d2b3b7596160c6981acf8805944823a7f"}) write$binfmt_aout(r7, 0x0, 0xff2e) ioctl$TCSETS(r7, 0x40045431, 0x0) ioctl$TCSETS(r7, 0x5402, &(0x7f0000000080)={0x0, 0xfffffffd, 0x0, 0x6, 0x1, "e315bc1cc24ff7b7cdb242e1ff0aa6905446b3"}) 2.285894084s ago: executing program 0 (id=289): r0 = openat$dsp(0xffffffffffffff9c, &(0x7f00000003c0), 0x101a02, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) r1 = openat$vmci(0xffffffffffffff9c, &(0x7f0000000180), 0x2, 0x0) ioctl$IOCTL_VMCI_VERSION2(r1, 0x7a7, &(0x7f00000001c0)=0x10000) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r2 = getpid() sched_setscheduler(r2, 0x2, &(0x7f0000000480)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r3, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r4, &(0x7f0000000000), 0x651, 0x0) r5 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000000), 0xea042, 0x0) ioctl$TIOCGRS485(r5, 0x542e, 0x0) recvmmsg(r3, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) r6 = fsopen(&(0x7f0000000000)='rpc_pipefs\x00', 0x0) fsconfig$FSCONFIG_CMD_CREATE(r6, 0x6, 0x0, 0x0, 0x0) r7 = socket$inet6_sctp(0xa, 0x801, 0x84) connect$inet6(r7, &(0x7f0000000000)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) socket$nl_route(0x10, 0x3, 0x0) socket$nl_generic(0x10, 0x3, 0x10) close_range(r0, 0xffffffffffffffff, 0x0) 1.899878815s ago: executing program 0 (id=291): r0 = socket$inet6_mptcp(0xa, 0x1, 0x106) sendto$inet6(r0, 0x0, 0x0, 0x24000000, &(0x7f0000000080)={0xa, 0x0, 0x0, @dev, 0x8}, 0x1c) ioctl$BTRFS_IOC_SET_RECEIVED_SUBVOL(0xffffffffffffffff, 0xc0c89425, &(0x7f00000000c0)={"6957608d766cfff5c3a6653d8900", 0x0, 0x0, {0x4, 0xc}, {0x7, 0xc00000}, 0x5, [0x3, 0x6, 0x7ff, 0x6, 0x0, 0x10000400, 0x9, 0x2, 0x8, 0x6, 0x6, 0x8000082, 0x10, 0xbd, 0x7, 0x9]}) poll(&(0x7f0000000000), 0x20000000000000b5, 0x9) 1.849730389s ago: executing program 2 (id=294): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000080)=0x8) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$MAP_CREATE(0x0, 0x0, 0x0) r3 = syz_pidfd_open(0x0, 0x0) setns(r3, 0x24020000) syz_clone3(&(0x7f0000000440)={0x11f000400, 0x0, 0x0, 0x0, {0x3f}, 0x0, 0x0, 0x0, 0x0}, 0x58) getrandom(&(0x7f00000001c0)=""/20, 0x14, 0x0) 1.229830957s ago: executing program 3 (id=296): openat$binfmt_register(0xffffffffffffff9c, 0x0, 0x1, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000380)={0x11, 0x4, 0x0, &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r0, &(0x7f0000000400)={0x0, 0x0, &(0x7f00000003c0)={&(0x7f0000001b40)=ANY=[@ANYBLOB="f8000000180001000000000000000000ac1e000100"/48, @ANYRES32=0x0, @ANYRES32=0x0, @ANYBLOB="200100df2900000000000000000000000000000000000000ac141400"/176], 0xf8}}, 0x0) prlimit64(0x0, 0x3, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x8) getpid() socketpair$unix(0x1, 0x2, 0x0, &(0x7f00000000c0)) syz_open_dev$video(&(0x7f0000000080), 0x40007, 0x62a383) r1 = openat$binderfs(0xffffffffffffff9c, &(0x7f00000000c0)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r1, 0x4018620d, &(0x7f0000000100)) r2 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000140)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$BINDER_WRITE_READ(r2, 0xc0306201, &(0x7f0000000080)={0x8, 0x0, &(0x7f0000000400)=[@increfs], 0x0, 0x0, 0x0}) r3 = dup3(r2, r1, 0x0) r4 = openat$binderfs(0xffffffffffffff9c, &(0x7f0000000040)='./binderfs/binder0\x00', 0x0, 0x0) ioctl$CEC_ADAP_S_LOG_ADDRS(0xffffffffffffffff, 0xc05c6104, 0x0) r5 = socket$inet6_tcp(0xa, 0x1, 0x0) listen(r5, 0x3) syz_emit_ethernet(0x3e, &(0x7f00000009c0)={@local, @link_local, @void, {@ipv4={0x800, @tcp={{0x5, 0x4, 0x0, 0x0, 0x30, 0x0, 0x0, 0x0, 0x6, 0x0, @rand_addr=0x64010101, @local}, {{0x0, 0x4e22, 0x41424344, 0x41424344, 0x0, 0x6, 0x7, 0x0, 0x0, 0x0, 0x0, {[@fastopen={0x22, 0x7, "be84e88709"}]}}}}}}}, 0x0) mmap$binder(&(0x7f0000ffd000/0x3000)=nil, 0x3000, 0x1, 0x11, r4, 0x0) ioctl$BINDER_SET_CONTEXT_MGR_EXT(r4, 0x4018620d, &(0x7f0000004a80)={0x73622a85, 0x100, 0x1}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000004c0)={0x8, 0x0, &(0x7f0000000000)=[@acquire], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r3, 0xc0306201, &(0x7f00000001c0)={0x4c, 0x0, &(0x7f0000000fc0)=[@transaction_sg={0x40486311, {0x1, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x48, 0x18, &(0x7f0000000300)={@flat=@weak_binder={0x77622a85, 0x100a, 0x8000000000}, @flat=@weak_binder={0x77622a85, 0x1100, 0x3}}, &(0x7f0000000200)={0x0, 0x18, 0x30}}}], 0x0, 0x0, 0x0}) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x50, 0x0, &(0x7f0000000580)="b3185d7bb56f70f003360fa8bf71ac3086aedebf6fff904f92849a7a07395ee7f0e4cb1d78001c08a0ab73ffcf5ad07693727980eea946e6cba1723e81bfa5c3688803c8a124dcb27df7938e7ddfdd52"}) ioctl$BINDER_WRITE_READ(r4, 0xc0306201, &(0x7f0000004a40)={0x44, 0x0, &(0x7f00000049c0)=[@transaction={0x40406300, {0x3, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}}], 0x0, 0x0, 0x0}) 1.229435494s ago: executing program 3 (id=298): r0 = syz_io_uring_setup(0x10d, &(0x7f0000000140)={0x0, 0x0, 0x0, 0x4, 0x1e3}, &(0x7f00000004c0)=0x0, &(0x7f0000000280)=0x0) syz_memcpy_off$IO_URING_METADATA_GENERIC(r1, 0x4, &(0x7f0000000080)=0xfffffffc, 0x0, 0x4) syz_io_uring_submit(r1, r2, &(0x7f00000002c0)=@IORING_OP_CONNECT={0x10, 0xa, 0x0, 0xffffffffffffffff, 0x0, 0x0}) bpf$MAP_CREATE(0x0, &(0x7f00000009c0)=ANY=[@ANYBLOB="0200000004000000060000"], 0x48) bpf$PROG_LOAD(0x5, 0x0, 0x0) bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) io_uring_enter(r0, 0x47f9, 0x0, 0x0, 0x0, 0x0) clock_nanosleep(0x2, 0x0, &(0x7f0000000100)={0x77359400}, 0x0) 1.050013768s ago: executing program 1 (id=299): r0 = socket$nl_route(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000040)={&(0x7f00000007c0)=ANY=[@ANYBLOB="380000005400e501000000000000000007000000", @ANYRES32, @ANYBLOB="20000100", @ANYRES32], 0x38}, 0x1, 0x0, 0x0, 0x1}, 0x10) 1.049817535s ago: executing program 0 (id=300): r0 = openat$adsp1(0xffffffffffffff9c, &(0x7f0000000080), 0x240, 0x0) setxattr(&(0x7f0000000080)='./file0\x00', &(0x7f00000001c0)=@known='security.apparmor\x00', &(0x7f0000000240)='/dev/ttyS3\x00', 0xb, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x88}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r1 = getpid() sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x7) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) sched_setscheduler(0x0, 0x2, &(0x7f0000000000)=0x6) prctl$PR_SET_SECCOMP(0x16, 0x2, &(0x7f00000002c0)={0x1, &(0x7f00000000c0)=[{0x200000000006, 0x0, 0x0, 0x7ffc1ffb}]}) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000880)={&(0x7f0000000a80)='kfree\x00'}, 0x10) r4 = syz_open_procfs(0x0, &(0x7f0000000100)='net/ip_vs_stats\x00') preadv(r4, 0x0, 0x0, 0x0, 0x70f0) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) getuid() sendmsg$nl_xfrm(r5, 0x0, 0x40080) r6 = openat$ttyS3(0xffffffffffffff9c, &(0x7f0000000040), 0x0, 0x0) ioctl$BTRFS_IOC_INO_LOOKUP_USER(r6, 0x5453, 0x0) bpf$PROG_LOAD(0x5, &(0x7f000000e000)={0x18, 0x4, &(0x7f00000003c0)=ANY=[], 0x0, 0x2, 0xc3, &(0x7f000000cf3d)=""/195, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) openat$vga_arbiter(0xffffffffffffff9c, &(0x7f0000000080), 0x1c0002, 0x0) read(r0, &(0x7f0000000400)=""/255, 0xff) 1.049756328s ago: executing program 1 (id=301): r0 = syz_open_dev$tty1(0xc, 0x4, 0x1) ioctl$TCSETS2(r0, 0x402c542b, 0x0) r1 = dup(r0) write$UHID_INPUT(r1, &(0x7f0000002080)={0xc, {"a2e3ad21ed0d52f91b5d340987f70e06d038e7ff7fc6e5539b3247298b089b070d356e090890e0878f0e1ac6e7049b334a959bfc9a240d2567f3988f7ef319520100ffe8d178708c523c921b1b9b31070d075d0936cd3b78130daa61d8e809ea882f5802b77f07227227b7ba67e0e78657a6f5c2a874e62a9ccdc0d31a0c9f318c0da1993bd160e233df4a62179c6f30e065cd5b91cd0ae193973735b36d5b1b63dd1c00305d3f46635eb056d5b1dda98e2d749be7bd1df1fb3b231fdcdb5075a9aaa1b469c3090000000000000075271b286329d169934288fd789aa37d6e98b224fd44b65b31334ffc55cc82cd3ac32ecdb08ced6f9081b4dd0d8b38f3cd4498be0800000000000000f6b76383709d8f5c55432a909fda039aec54a1236e80f6a8abadea7662496bddbb42be6bfb2f17959d1f416e56c71b1931870262f5e801119242ca026bfc821e7e7daf2451138e645bb80c617669314e2fbe70de98ec76a9e40dad47f36fd9f7d0d42a4b5f1185ccdcf16ff46295d8a0fa17713c5802630933a9a34af674f3f39fe23491237c08822dec110911e893d0a8c4f677747abc360934b82910ff85bfd995083bba2987a67399eac427d145d546a40b9f6ff14ac488ec130fb3850a27af9544ae15a7e454dea05918b41243513f000000000000000a3621c56cea8d20fa911a0c41db6efcffac64f17679141d54b34bbc9963ac4f4bb3309603f1d4ab966203861b5b15a841f2b575a8bd0d78248ebe4d9a80002695104f674c2431dca141fae269cab70e9a66f3c3a9a63e9639e1f59c0ec126c6b5d74b078a5e15c31634e5ae098ce9ee70771aaa18119a867e1088334975e9f73483b6a62fa678ca14ffd9f9db2a7869d85864056526f889af43a6056080572286522449df466c632b3570243f989cce3803f465e41e610c20d80421d653a5520000008213b704c7fb082ff27590678ef9f190bae97909507041d860420c5664b27921b14dc1db8892fd32d0ad7bc946813591ad8deff4b05f60cea0da7710ac0000000000008000bea37ce0d0d4aa202f928f28381aab144a5d429a04a6a2b8247068ae949ed06e288e810bac9c76600025e19c907f8ea2e2010000008271a1f5f8528f227e79c1389dbdfffe492f21579d2c15b8c70cdb1c332d86d87341432750861ec2bc3451edca194b221cfec4603d276bbaa1dfa6d4fb8a48a76eafc9a9a0270e4c10d64cd5a62427264f2377fe763c43470833ac96c45f357cbbaba8f1b1fdcc7cbb61a7cdb9744ed7f9129aede2be21ccfdc4e9134f8684b3a4f354da9a795e96334e207dff70f1988037b2ed3aaf575c0b88d8f146684078416d59fdee5325928974d12dad99dac44c3f0008047096a44002bebc2420aed92fa9b6578b4779415d97b9a6d6d5495c198045651cf4778efa5ea5677747430af4162b987b80c3e001cd34e5c92f76cc4c24eeb8bc4e9ac2aed9e53803ed0ca4ae3a9737d214060005ea6f1783e287b3bee96e3a726eafe2fdfaa78d1f48c13b64df07847754b8400daaa69bf5c8f4350aeae9ca1207e78283cd0b20ceb360c7e658828163e2d25c4aa348561f927e88f63aa70e73a5e69b3df3495903f06572e1e007fa55a2999f596d067312f5779e8dbfdcf3427138f3d444d2639a10477f9bec4b0bbb6e3c04be68981f392203dd0ee3ef478e16dacfc5e3e03cf7ab8e3902f1b0ff034ef655b253ca509383815b1b6fc6522d4e4fdc11a48cf42d48604675fde2b94cf00500a2690891abf8ab9c015073014d9e08d4338b8780bdecd436cf0541359bafffa45237f104b96210403b2de9efed496f42355bc7872c827467cfa5c4e72730d56bd068ed211cf847535edecb7b373f78b095b68441a34cb51682a8ae4d24ad0465f3927f889b813076038e79a7962fb385a882e8020f06c4c2ba1dd5cac7c18876da865d258734dd73583df292892448039ef799cf0630becdcce04579b5561dc825ab829827945e020c1f67ee615feb6243378e0610060f02cca4e91b2f001edb3d78fb4b55668dda93aec92a5de203717aa49c2d284acfabe262fccfcbb2b75a2183c46eb65ca8104e1b4da7fbb77ab2fc043aead87c32ab875ee7c2e7b7019c982cd3b43eaeb1a5fb135c0c7dcee8fe6516a328032f88c042891824659e9e94265c803b35ee5f83a2b210520106b8a358b50ab7a1fa89af9c251fe5294b3d1802d5676d95f160ec97b1ad94872cb2044642c37b4a6cc6c04effc1672db7e4b68d787d9a7a508ae54b3cd7369dde50e8c77d95a3d361c040babb171607caac2a3559ad4f75465f49c0d0ae3716db6e00cb11db4a5fade2a57c10238e204a67737c3b42aae501b20f7694a00f16e2d0174035a2c22656dc29880acebdbe8ddbd75c2f998d8ac2dfad2ba3a504767b6b45a45957f24d758ed024b3849c11d412a2a03b4047497022d9c30e23ef4df5c89644f48bb536f7945b59d7beddff754413d135273ea8e75f22f216c6b9990ae71806f2c00b4025c48b75c0f73cdb9a7b8fa367b50028067e7f16f4dd569d462f4f19eacdb3ed70eeebb4483f8fd777d443e8b40426db6fe29068c0ca3d2414442e8f3a154704b0e51bc664a137b26be719f4f7c9a5678a674dfc95df80b9ce375dd649c8c704e509bd88c8e63d8c7dd67071115c8982ba46af4d6adcc9f68a75b9397b035153faf46366e7205dd8d6f37525c1a0e94610dd94323f6c15d085197149bfd6655548cfd9c5409711937f79abb1a124f1210465483cd3b2d78378cfb85ed82e7da0f6eb6d279f2ae455925d0f6f1ba571eba281f2a654fb39ddff3b484439ff158e7c5419e037f3e3ad038f2211f1033195563c7f93cd54b9094f226e783271e1e5a2a2c10712eab625d64931cd4ffe6738d97b9b5ef828ee9fb059fc01af0e79c1e14b1d25988c69a399567c1d93768f7971d31488b8658a20878b7c1dd7ba02fc42939dde3d4a3339a65d507dc59c51097b40517705da56e9ebf0afa53282bf86dbb58c548069ff6eb95aade7cc66d7bbef724779ca1f731b3346ff177050373d79ff7b3e7f9bc0c1b4b266a8878b90baaa039d3e3b63979ac3df6e6f4859afd50238c7547a39b60810938044ae185d2ba3e00a4e73676864ae090d81eaee5ee6cf1d0ab378dd4dd891e937c2ea5410e0513005000000000000003911fab964c271550027697b52160687461602f88df165d884b36ec2b6c25a2f33c715687e9d4afb96d6861aca47da73d6f3144345f48843dd014e5c5ad8fe995754bd9cf32fce1e24919c4b2082fb0a30b9deae84bed4b28045634073c9c58c89d9e99c81769177c6d594f88a4facfd4c735a20307c737afae5136651b1b9bd522d60399473296b831dbd933d93994ba3064279b10ea0c5833f41f157ea2302993dbe433b1aa3a3766d5439020484f4113c4c859465c3b415c3432f81db8719539d5bf3f2aaaea1cc43a6c5cbe59758bfee2916580dac4b008e595f437491d87abed02cefcd9db53d94d02dae17b118e5d6787463183b4b87c1050000002f7809959bc048850613d17ca51055f2f416a44fe180d2d50c312cca7cb14a2bdc331f57a9817139a206fc76957227ffff2de20a4b8e3737fbb42913777c06376f799eba367e21f94ca598705f5dcb767d6f0900d6b0f6095e53c4c4234d0c1fbe434f6ab8f43c0013ee93b83946ee7759e89d7bdd1a32d7b311711b757fe43c06d21a35810d8fe98b27faea8aa12bc8716eefc5c97c45ac33eeec964c5214bc3a9359bdea1cccab94f15e36319cb34ebcacedb82c2ed3de5a8a8f0011e8f74e82d7f96093530e76692839d7961939adfdeeeaff19d11efcafb6d546fef271e89d6cc2389e81ff58cefcce3fbf4625a7e7de40e42e07b34449e15e065cc7348663a52190202c7af288a4510de03dab19d26285eda89156d50dd385a60333ba5bbf5d77cd7007ad1519ad5470de3dd6d6080cafccf8a97406bb6b68a1f0c4549820a73c880f475f00000000000000000000b7807fb33b72685ec37a2d3f766413a60459516246e5a1d998a2017aef0948a68cf255315ab80dd349e891aef595dc4d470e8ac32a308e15fc37d06aeac289c0523f483e1ff7408c6087f1ab652f2ef91d4f2b01987b0f46da034e5c3f745a7ee8101a3934c54e24b48ec0275e2d0687dc746b0827cbf652f406c6b95f2722e58c05f752ce2126596e1cd7655b904801784c416b22f73d324678e2724f43f1fe687c7e8a60c28b82b6528341b648cdd56fed7cdcbb1575912d5ecd36dea3bca0b7427d53588a0f9455e8f8d2ab2242729251ae033a9e02210e62df0546a74b333a1c48f95fd54acb5741259e8c5488efeee327415cc19451432c6f14c27693102a3cd84857cd6586fc5ca9a93eb0145fac0662ff86107f998a8ef7df8aa14046c55b03d3d47f88a8d60f7774a2ee08758897fb411a94b3c2fc5d5f0db42c0456ec015f08e5247d33ae2d35603ff8454c16f8342856935125102bb784ed7148b6ce431b63ee356b0c785f2f47b90e29389f22fc5b59a70efaea2bd40195af4486220d664130bfc43c10ec23ea6283994a7dde4dcb61fea6b651fb1d62458d0741a12830052fcc460db043afe525629b40d7cee458e4cb5e930ed624806c43a006e39336d07c2b8081c128ad2706f48261f7899484c297a1a6613bc18f5a38d442768af38041efe03d152ef95ff569e76db2391f4509d7f339d92fdb4a89364949da398000000000000000d80a4fe654578376e599aff3565b1d531f30912b9945030b81ea9935fd46edb44a78f615255490a4b621501f2a9e4d24624c4dac9274118c67584f5d374755534d7f68f679c4ff516a9c861a0e7e65868fcb2bf1cb9aea4e05df72279fdb0d2b9e935c5af3cf474bed79dfc248c1f5aea4b8b32c5d295e57079d0fe662a46b7f71cd47744db86c50b704c971d90295c7b2c7439a2d78ccfa79b5fc2bff6bbf840262bf89394b3e0691953264d2700c838fa2c7b3425260f59554e502dcea39cb313b0000000000004ca7c12f45858d6284ca6270d6b2f0e58fded8a7b4a302a97bc641df07720ba2b26bbfcc807ca0abb1b44322269c21c5ec68cb068ea88067d905ea917bb03eefdaebdeabf2d0dce80997c915c8949de992587c2cb5fe36d7d3e5db21b094b8b77940b5f07722e47a08d367e5f84c96ec664b72934b99b3109af65d77e86abd6859cddf4bbae1f0930462df15fddbc48562ea3511a8065ef028cf12f14dcf6ea4cd8d884836174faf1aa609e5f1ee1162dfa13bdc1fa7cfaadba85c72e9758f031755d0be53f8d2a1dfb1c68cc164b0a0780d971a96ea2c4d4ca0398c2235980a9307b3d5bd3b01faffd0a5dbed2881a9700af561ac8c7e36bb2fc4c40e9cf96f06817fb903729a7db6ff957697c9ede7885d94ffb0969be0daf60af93109eb24ee72e4363f51af62af6fb2a6df3bec89822a7a0b678058fa3fef86faec216eb6992162f8dcbf719c148cd2f9c55f4901203a9a8a2c3e90f3943dbc10360a1a49700d1dfbf66d69f6fbaf506c8bcce8bb0d872a02238926407a4eddd5d0fc5a752f9000", 0x1000}}, 0x1006) 969.6478ms ago: executing program 1 (id=302): syz_open_dev$tty1(0xc, 0x4, 0x1) sendmsg$nl_route_sched(0xffffffffffffffff, &(0x7f0000000080)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x804}, 0x0) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x4) r1 = bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000240)={0x11, 0x3, &(0x7f0000000300)=ANY=[@ANYBLOB="1800000000000000000000000000000095"], &(0x7f0000000000)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000200)={&(0x7f00000004c0)='contention_begin\x00', r1}, 0x10) sendmsg$nl_generic(0xffffffffffffffff, &(0x7f0000000180)={0x0, 0x0, 0x0, 0x1, 0x0, 0x0, 0x4004004}, 0x40) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeef, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@file={0x0, './file0\x00'}, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x400000000000041, 0x0) sched_setaffinity(r0, 0x0, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$alg(0x26, 0x5, 0x0) bind$alg(r4, &(0x7f0000000480)={0x26, 'hash\x00', 0x0, 0x0, 'nhpoly1305-sse2\x00'}, 0x58) setsockopt$ALG_SET_KEY(r4, 0x117, 0x1, &(0x7f0000000000)="8a", 0x440) r5 = socket$nl_xfrm(0x10, 0x3, 0x6) sendmsg$nl_xfrm(r5, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000100)={0x0, 0x3c}}, 0x0) 969.458039ms ago: executing program 2 (id=303): r0 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r0, &(0x7f0000000040)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f00000001c0)={0x114, 0x2d, 0x1, 0x0, 0x0, "", [@nested={0x101, 0x0, 0x0, 0x1, [@typed={0xc, 0x0, 0x0, 0x0, @u64}, @typed={0x14, 0x1, 0x0, 0x0, @ipv6=@loopback={0x300000000000000}}, @generic="50bb2d6f67d29d6fabadb107d0def49c88ea04abde1d5e8d3fb22a1b5046778bdafefc46b0449ade68bf84b36ec72dd71265fc2e882348c26c2126237dd5b37f5ae655b1086cda40e00aec58754734be31d750351dc076eb43d9621dc08c029d1608a487f26fbe816b89f7cb81bff81a8b9482565856555ee923c65973deb0a99b962bc0fe94a3fcae3697bd7b85b3a682167c43dbf137115a40ebddcad74875ec58e9a3ddb9ad02a078cf0d972df9e99f079767734f69ce475f55ac64337803f5eb4e5842f4d98fe3fa370d47eb640dc5061dc35817c8a66c29be82fd"]}]}, 0x114}], 0x1}, 0x0) 969.376059ms ago: executing program 2 (id=304): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x80003, 0x0) write(r1, &(0x7f0000000000)="240000001a005f0214f9f407000904000a00", 0x12) dup2(r0, r1) 910.047358ms ago: executing program 2 (id=305): creat(&(0x7f0000000040)='./file0\x00', 0x0) mount(&(0x7f0000000000)=@nullb, &(0x7f00000001c0)='./file0\x00', &(0x7f0000000200)='ufs\x00', 0x0, &(0x7f0000000080)='\fL\x00\xe7DW\xa0t\a\xb5\xf4\x0fS\xd6TF\x19\x9cQ)\x84R\x00\xa1\xb1\x0f\xee') 909.816707ms ago: executing program 2 (id=306): sendmsg$NL80211_CMD_CONNECT(0xffffffffffffffff, 0x0, 0x6004080) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x20000008b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f0000000180)=@file={0x0, '.\x00'}, 0x6e) sendmmsg$unix(r2, &(0x7f00000bd000), 0x318, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) mknod$loop(0x0, 0x10, 0x1) sched_setscheduler(0x0, 0x2, &(0x7f0000000200)=0x4) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000200)={0x18, 0x4, &(0x7f00000002c0)=ANY=[@ANYBLOB="18010000000000000000000000000000850000006d00000095"], &(0x7f0000000100)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, 0x2, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x90) socket$packet(0x11, 0x3, 0x300) socket$nl_route(0x10, 0x3, 0x0) socketpair(0x1, 0x5, 0x0, &(0x7f0000000040)) r3 = openat$sw_sync(0xffffffffffffff9c, &(0x7f0000000340), 0x20882, 0x0) ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000000)={0x10ee2c, "f3c49242b0014e000e000032ff477efe0aa35700000000000000000f00", 0xffffffffffffffff}) ioctl$SW_SYNC_IOC_CREATE_FENCE(r3, 0xc0285700, &(0x7f0000000140)={0x1, "27d85592b6bfee2be57c8a209e5cfce2939c0b6b081aa505abcc55a7042fafc2", 0xffffffffffffffff}) ioctl$SYNC_IOC_MERGE(r4, 0xc0303e03, &(0x7f0000000080)={"fe0d1acce4a37ef94acd000200", r5, 0xffffffffffffffff}) bind$alg(0xffffffffffffffff, &(0x7f0000000040)={0x26, 'aead\x00', 0x0, 0x0, 'morus1280\x00'}, 0x58) r7 = syz_init_net_socket$nfc_llcp(0x27, 0x1, 0x1) bind$bt_hci(r7, &(0x7f0000000300)={0x27, 0x0, 0x1}, 0x6) listen(r7, 0x0) accept4(r7, 0x0, 0x0, 0x800) dup(r6) r8 = syz_init_net_socket$nl_rdma(0x10, 0x3, 0x10) sendmsg$netlink(r8, &(0x7f00000001c0)={0x0, 0x0, &(0x7f0000000000)=[{&(0x7f0000000740)=ANY=[@ANYBLOB="14020000140001002dbd7000000000000a"], 0x214}], 0x1}, 0x0) syz_open_procfs(r0, &(0x7f00000003c0)='net/vlan/vlan0\x00') mount$9p_fd(0x0, &(0x7f00000001c0)='.\x00', &(0x7f0000000180), 0x0, 0x0) 329.876664ms ago: executing program 3 (id=307): r0 = bpf$PROG_LOAD(0x5, &(0x7f00000000c0)={0x11, 0xc, &(0x7f0000000180)=ANY=[@ANYBLOB="180000000000000000000000e20000001801000020786c2500000000002020207b0af8ff00000000bfa100000000000007010000f8ffffffb702000008000000b70300"], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback=0x23, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000600)={&(0x7f00000005c0)='sys_enter\x00', r0}, 0x10) renameat2(0xffffffffffffffff, 0x0, 0xffffffffffffffff, 0x0, 0x0) 329.709902ms ago: executing program 3 (id=308): r0 = openat$nvram(0xffffffffffffff9c, &(0x7f0000000200), 0x100, 0x0) bind$tipc(r0, 0x0, 0x0) 329.60501ms ago: executing program 3 (id=309): sched_setscheduler(0x0, 0x2, 0x0) socketpair$unix(0x1, 0x2, 0x0, 0x0) connect$unix(0xffffffffffffffff, 0x0, 0x0) bpf$BPF_PROG_RAW_TRACEPOINT_LOAD(0x5, &(0x7f0000000300)={0x5, 0x5, 0x0, &(0x7f0000000100)='GPL\x00', 0x200, 0xfa, &(0x7f0000000580)=""/250, 0x40f00, 0x0, '\x00', 0x0, 0x0, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r0 = bpf$MAP_CREATE(0x0, &(0x7f0000001b00)=ANY=[@ANYBLOB="160000000000000004000000ff"], 0x48) bpf$PROG_LOAD_XDP(0x5, &(0x7f0000000680)={0x3, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="1800000000000000000000000000000818110000", @ANYRES32=r0, @ANYBLOB="0000000000000000b7080000000000007b8af8ff00000000bfa200000000000007020000f8ffffffb703000008000000b704000000000000850000005900000095"], 0x0, 0x0, 0x0, 0x0, 0x41100, 0x0, '\x00', 0x0, 0x25, 0xffffffffffffffff, 0x8, 0x0, 0x0, 0x10, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x10, 0x0, @void, @value}, 0x94) r1 = bpf$PROG_LOAD(0x5, &(0x7f00000008c0)={0x6, 0xc, &(0x7f0000000440)=ANY=[], &(0x7f0000000240)='GPL\x00', 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @xdp, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x90) bpf$BPF_PROG_TEST_RUN(0xa, &(0x7f00000002c0)={r1, 0xf, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x2}, 0x50) ioctl$KVM_SET_CPUID2(0xffffffffffffffff, 0x4008ae90, 0x0) 249.873427ms ago: executing program 3 (id=310): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r0 = getpid() sched_setaffinity(0x0, 0x8, &(0x7f00000002c0)=0x2) sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) bpf$BPF_RAW_TRACEPOINT_OPEN(0x11, &(0x7f0000000180)={0x0}, 0x18) chdir(&(0x7f0000000080)='./file1\x00') mkdirat(0xffffffffffffff9c, &(0x7f0000000180)='./file1\x00', 0x0) readahead(0xffffffffffffffff, 0x0, 0xfffffffffffffff9) 139.755524ms ago: executing program 0 (id=311): r0 = socket$nl_generic(0x10, 0x3, 0x10) r1 = syz_genetlink_get_family_id$ethtool(&(0x7f0000001140), 0xffffffffffffffff) sendmsg$ETHTOOL_MSG_FEATURES_GET(r0, &(0x7f00000017c0)={0x0, 0x0, &(0x7f0000001780)={&(0x7f00000015c0)={0x18, r1, 0x1, 0x70bd2d, 0x25dfdbfe, {}, [@HEADER={0x4}]}, 0x18}, 0x1, 0x0, 0x0, 0x40000}, 0x4) 139.461138ms ago: executing program 0 (id=312): bpf$PROG_LOAD(0x5, &(0x7f0000000680)={0x0, 0xc, &(0x7f0000000440)=ANY=[@ANYBLOB="18090000000000000000000000000000850000006d0000001801000020696c2500000000002020207b1af8ff00000000bf"], 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, '\x00', 0x0, @fallback, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0xffffffffffffffff, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, @void, @value}, 0x94) r0 = syz_init_net_socket$bt_hci(0x1f, 0x3, 0x1) bind$bt_hci(r0, &(0x7f0000000080)={0x1f, 0xffff, 0x3}, 0x6) prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000080)=0x7) r1 = getpid() sched_setaffinity(0x0, 0x0, 0x0) sched_setscheduler(r1, 0x2, &(0x7f0000000200)=0x6) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0x0) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r2, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r3, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r2, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r4 = socket$nl_netfilter(0x10, 0x3, 0xc) sendmsg$NFT_BATCH(r4, &(0x7f00000000c0)={0x0, 0x0, &(0x7f0000000000)={&(0x7f0000000480)={{0x14}, [], {0x14, 0x10}}, 0x28}}, 0x0) mkdirat(0xffffffffffffff9c, &(0x7f0000000040)='./file0\x00', 0x0) r5 = socket$inet6_udplite(0xa, 0x2, 0x88) setsockopt$IP6T_SO_SET_REPLACE(r5, 0x29, 0x40, &(0x7f0000000540)=@filter={'filter\x00', 0x2, 0x4, 0x388, 0xffffffff, 0xd0, 0xd0, 0x0, 0xfeffffff, 0xffffffff, 0x2b8, 0x2b8, 0x2b8, 0xffffffff, 0x4, 0x0, {[{{@ipv6={@dev, @mcast1, [], [], 'macsec0\x00', 'bond_slave_0\x00', {}, {}, 0x0, 0x0, 0x3}, 0x2f2, 0xa8, 0xd0}, @REJECT={0x28, 'REJECT\x00', 0x0, {0x6}}}, {{@ipv6={@mcast1, @loopback, [], [], 'netdevsim0\x00', 'geneve0\x00'}, 0x0, 0xa8, 0x118}, @common=@unspec=@NFLOG={0x70, 'NFLOG\x00', 0x0, {0x0, 0x0, 0x0, 0x0, 0x0, "ddabf53d9b1435965491f6531877000001e770b667f173dfa40b58c10327e3121114449fd20ba2be6e45cae72a972f25170163232ed996b4789b9d00"}}}, {{@uncond, 0x0, 0xa8, 0xd0}, @common=@unspec=@NFQUEUE3={0x28}}], {{'\x00', 0x0, 0xa8, 0xd0}, {0x28}}}}, 0x3e8) wait4(0xffffffffffffffff, 0x0, 0x20000000, &(0x7f0000000240)) r6 = socket(0x10, 0x2, 0x0) ioctl$sock_ipv6_tunnel_SIOCADDTUNNEL(r6, 0x89f1, &(0x7f00000000c0)={'ip6gre0\x00', &(0x7f00000009c0)={'syztnl1\x00', 0x0, 0x4, 0x0, 0x0, 0x0, 0x52, @loopback, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01', 0x0, 0x8, 0x3}}) r7 = socket$inet6_sctp(0xa, 0x5, 0x84) connect$inet6(r7, &(0x7f0000000140)={0xa, 0x0, 0x0, @rand_addr=' \x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02'}, 0x1c) setsockopt$inet_sctp6_SCTP_SOCKOPT_CONNECTX_OLD(r7, 0x84, 0x6b, &(0x7f0000000040)=[@in={0x2, 0x0, @rand_addr=0x64010100}], 0x10) setsockopt$inet_sctp6_SCTP_MAX_BURST(r7, 0x84, 0x14, &(0x7f0000000680)=@assoc_value={0x0, 0x7}, 0x8) socket$nl_generic(0x10, 0x3, 0x10) 59.716322ms ago: executing program 1 (id=313): r0 = socket$nl_route(0x10, 0x3, 0x0) r1 = socket(0x10, 0x80003, 0x0) write(r1, &(0x7f0000000000)="240000001a005f0214f9f407000904000a000000fe000000000000", 0x1b) dup2(r0, r1) 59.56338ms ago: executing program 1 (id=314): r0 = socket$netlink(0x10, 0x3, 0x0) sendmsg$nl_route(r0, &(0x7f0000000140)={0x0, 0x0, &(0x7f0000000240)={&(0x7f0000000380)=ANY=[@ANYBLOB="340000001300f5d1030000000000000000000000d048ff8482ed"], 0x34}, 0x1, 0x0, 0x0, 0x40010}, 0x0) 117.398µs ago: executing program 2 (id=315): prlimit64(0x0, 0xe, &(0x7f0000000140)={0x8, 0x8b}, 0x0) sched_setscheduler(0x0, 0x1, &(0x7f0000000240)=0x7) r0 = getpid() sched_setscheduler(r0, 0x2, &(0x7f0000000200)=0x7) sched_setparam(r0, &(0x7f0000000080)=0x5) mmap(&(0x7f0000000000/0xb36000)=nil, 0xb36000, 0xb635773f06ebbeee, 0x8031, 0xffffffffffffffff, 0xd25d5000) socketpair$unix(0x1, 0x2, 0x0, &(0x7f0000000200)={0xffffffffffffffff, 0xffffffffffffffff}) connect$unix(r1, &(0x7f000057eff8)=@abs, 0x6e) sendmmsg$unix(r2, &(0x7f0000000000), 0x651, 0x0) recvmmsg(r1, &(0x7f00000000c0), 0x10106, 0x2, 0x0) r3 = memfd_create(&(0x7f0000000100)=';e\x00\x00\xa4\xd8\xe0\x9c\x7f9\x8aZ]3N\xbb\xe1^\x9c\xe1\x9b6s$0Y\xf8\x90\x00\x00\x00\x00\xd2~l\xf6\x12\xde\xdd\xd5\x1d\x96\xb0a\xad\xcd\x16\xd8G\xae\xd9DZm\xabO\xad\x11%\x7f`@\x16c\xc0\xb6\x1f\xe3\x00\x1a_\xc7\xbf\xa7T\xbe\x13\x8b\xb3r\x8fL\xe6\xba\xe7\x18\xb4$BIj\xa3\xc9\xc6|\x9b\x88\xddPx\x02I\xde\xe8\xcd\x02\xc1\xedc2\x06\xcbM\xfb\x13jZ\x96\xeej\x9b\xe4XjN\xb9>\xdf3U\r \x8dh8T/h)\x90\xff\x8d\xd9\x89\xab\xf8P\xacYtk\xa3\xed\xfa*8\x13\b\xce\xf8z\xed\xadnz\x96\xa3\x9a9R\xd9]\xe11We\xfe3\xe06\x1a^\x04^\xef\xa3\x0fU\x9b1\xc6J\x83\x9d[\\a\xfd\xdc\xa1\xcd\xbe\x9b\xc5z7\xe8VP\x89\x16MK`\xe5\x137\b\x00\x00\x00\xd5\x01\xea\x98\xe6Z\x95j\xe3\x0ek>\x14\x80\rXS\xce\xf9\x0e\x89\xc4\xc6\x1bOm4Lla\r\xce\x17\xb5r&\xf3\x96\xbc\xc39\xa7\x95\xd9F\x17', 0x0) syz_open_dev$dri(&(0x7f0000000000), 0x0, 0x0) syz_open_dev$dri(&(0x7f00000008c0), 0xd21, 0x0) r4 = socket(0x2000000000000021, 0x2, 0x2) keyctl$clear(0x7, 0x0) keyctl$read(0xb, 0x0, &(0x7f00000003c0)=""/4, 0x4) sendmsg$NL80211_CMD_SET_TX_BITRATE_MASK(r4, &(0x7f0000000140)={0x0, 0x0, &(0x7f00000002c0)={0x0}, 0x1, 0x0, 0x0, 0x4040}, 0x0) close_range(r3, 0xffffffffffffffff, 0x0) 0s ago: executing program 1 (id=316): r0 = syz_usb_connect(0x0, 0x24, &(0x7f0000000000)={{0x12, 0x1, 0x0, 0x15, 0x17, 0xee, 0x40, 0xaf0, 0x7a05, 0x0, 0x1, 0x2, 0x3, 0x1, [{{0x9, 0x2, 0x12, 0x1, 0x0, 0x0, 0x0, 0x0, [{{0x9, 0x4, 0x0, 0x0, 0x0, 0xff, 0x5, 0x49}}]}}]}}, 0x0) syz_usb_control_io$uac1(r0, 0x0, &(0x7f0000000040)={0x44, &(0x7f0000000ac0)={0x40, 0xe, 0x11, "0790fcc6c828d711efba22764d91ef0000"}, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}) dup(0xffffffffffffffff) 0s ago: executing program 3 (id=317): r0 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r0, 0x8933, &(0x7f0000000040)={'vxcan0\x00', 0x0}) bind$can_j1939(r0, &(0x7f0000000080)={0x1d, r1}, 0x18) r2 = socket$can_j1939(0x1d, 0x2, 0x7) ioctl$ifreq_SIOCGIFINDEX_vcan(r2, 0x8933, &(0x7f00000000c0)={'vxcan1\x00', 0x0}) bind$can_j1939(r2, &(0x7f0000000100)={0x1d, r3}, 0x18) connect$can_j1939(r2, &(0x7f0000000140)={0x1d, r3}, 0x18) sendmsg$can_j1939(r2, &(0x7f0000000180)={0x0, 0x0, &(0x7f00000001c0)={&(0x7f0000000200)='d', 0x1}}, 0x0) recvmsg$can_j1939(r0, &(0x7f0000000240)={0x0, 0x0, 0x0}, 0x0) kernel console output (not intermixed with test programs): Warning: Permanently added '[localhost]:2200' (ED25519) to the list of known hosts. [ 34.235638][ T5861] cgroup: Unknown subsys name 'net' [ 34.429013][ T5861] cgroup: Unknown subsys name 'cpuset' [ 34.432941][ T5861] cgroup: Unknown subsys name 'rlimit' Setting up swapspace version 1, size = 127995904 bytes [ 35.295054][ T5861] Adding 124996k swap on ./swap-file. Priority:0 extents:1 across:124996k [ 37.928957][ T5949] Bluetooth: hci1: unexpected cc 0x0c03 length: 249 > 1 [ 37.929005][ T5951] Bluetooth: hci0: unexpected cc 0x0c03 length: 249 > 1 [ 37.932593][ T5949] Bluetooth: hci3: unexpected cc 0x0c03 length: 249 > 1 [ 37.933231][ T5951] Bluetooth: hci1: unexpected cc 0x1003 length: 249 > 9 [ 37.935406][ T5949] Bluetooth: hci0: unexpected cc 0x1003 length: 249 > 9 [ 37.937056][ T5951] Bluetooth: hci3: unexpected cc 0x1003 length: 249 > 9 [ 37.938642][ T5949] Bluetooth: hci1: unexpected cc 0x1001 length: 249 > 9 [ 37.940244][ T5951] Bluetooth: hci0: unexpected cc 0x1001 length: 249 > 9 [ 37.940773][ T5956] Bluetooth: hci2: unexpected cc 0x0c03 length: 249 > 1 [ 37.940967][ T5956] Bluetooth: hci3: unexpected cc 0x1001 length: 249 > 9 [ 37.941698][ T5956] Bluetooth: hci2: unexpected cc 0x1003 length: 249 > 9 [ 37.942703][ T5949] Bluetooth: hci2: unexpected cc 0x1001 length: 249 > 9 [ 37.943135][ T5959] Bluetooth: hci3: unexpected cc 0x0c23 length: 249 > 4 [ 37.943296][ T5959] Bluetooth: hci1: unexpected cc 0x0c23 length: 249 > 4 [ 37.943751][ T5959] Bluetooth: hci3: unexpected cc 0x0c25 length: 249 > 3 [ 37.944299][ T5951] Bluetooth: hci0: unexpected cc 0x0c23 length: 249 > 4 [ 37.944509][ T5951] Bluetooth: hci0: unexpected cc 0x0c25 length: 249 > 3 [ 37.944622][ T5951] Bluetooth: hci0: unexpected cc 0x0c38 length: 249 > 2 [ 37.945841][ T5295] Bluetooth: hci1: unexpected cc 0x0c25 length: 249 > 3 [ 37.946849][ T5949] Bluetooth: hci2: unexpected cc 0x0c23 length: 249 > 4 [ 37.947078][ T5949] Bluetooth: hci2: unexpected cc 0x0c25 length: 249 > 3 [ 37.947262][ T5949] Bluetooth: hci2: unexpected cc 0x0c38 length: 249 > 2 [ 37.948157][ T65] Bluetooth: hci3: unexpected cc 0x0c38 length: 249 > 2 [ 37.962766][ T5951] Bluetooth: hci1: unexpected cc 0x0c38 length: 249 > 2 [ 38.102046][ T5950] chnl_net:caif_netlink_parms(): no params data found [ 38.118379][ T5942] chnl_net:caif_netlink_parms(): no params data found [ 38.191986][ T5954] chnl_net:caif_netlink_parms(): no params data found [ 38.257021][ T5950] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.259386][ T5950] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.261413][ T5950] bridge_slave_0: entered allmulticast mode [ 38.263444][ T5950] bridge_slave_0: entered promiscuous mode [ 38.266861][ T5950] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.268732][ T5950] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.270621][ T5950] bridge_slave_1: entered allmulticast mode [ 38.272642][ T5950] bridge_slave_1: entered promiscuous mode [ 38.280426][ T5943] chnl_net:caif_netlink_parms(): no params data found [ 38.285418][ T5942] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.287276][ T5942] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.289386][ T5942] bridge_slave_0: entered allmulticast mode [ 38.291399][ T5942] bridge_slave_0: entered promiscuous mode [ 38.294413][ T5942] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.296301][ T5942] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.298175][ T5942] bridge_slave_1: entered allmulticast mode [ 38.300121][ T5942] bridge_slave_1: entered promiscuous mode [ 38.369692][ T5954] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.371612][ T5954] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.373504][ T5954] bridge_slave_0: entered allmulticast mode [ 38.375842][ T5954] bridge_slave_0: entered promiscuous mode [ 38.393315][ T5942] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.396880][ T5950] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.399432][ T5954] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.401313][ T5954] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.403200][ T5954] bridge_slave_1: entered allmulticast mode [ 38.405323][ T5954] bridge_slave_1: entered promiscuous mode [ 38.428776][ T5942] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.431879][ T5950] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.466059][ T5943] bridge0: port 1(bridge_slave_0) entered blocking state [ 38.467986][ T5943] bridge0: port 1(bridge_slave_0) entered disabled state [ 38.469878][ T5943] bridge_slave_0: entered allmulticast mode [ 38.472122][ T5943] bridge_slave_0: entered promiscuous mode [ 38.494048][ T5950] team0: Port device team_slave_0 added [ 38.496950][ T5954] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.499499][ T5943] bridge0: port 2(bridge_slave_1) entered blocking state [ 38.501390][ T5943] bridge0: port 2(bridge_slave_1) entered disabled state [ 38.503318][ T5943] bridge_slave_1: entered allmulticast mode [ 38.505441][ T5943] bridge_slave_1: entered promiscuous mode [ 38.523643][ T5942] team0: Port device team_slave_0 added [ 38.526402][ T5950] team0: Port device team_slave_1 added [ 38.536162][ T5954] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.548753][ T5942] team0: Port device team_slave_1 added [ 38.559754][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.561663][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.569942][ T5950] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.590648][ T5943] bond0: (slave bond_slave_0): Enslaving as an active interface with an up link [ 38.601243][ T5950] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.603182][ T5950] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.610262][ T5950] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.615785][ T5954] team0: Port device team_slave_0 added [ 38.618364][ T5943] bond0: (slave bond_slave_1): Enslaving as an active interface with an up link [ 38.639234][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.641183][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.648396][ T5942] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.652154][ T5954] team0: Port device team_slave_1 added [ 38.663324][ T5943] team0: Port device team_slave_0 added [ 38.666842][ T5942] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.668726][ T5942] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.675874][ T5942] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.687767][ T5943] team0: Port device team_slave_1 added [ 38.728744][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.730592][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.737323][ T5943] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.742139][ T5950] hsr_slave_0: entered promiscuous mode [ 38.744291][ T5950] hsr_slave_1: entered promiscuous mode [ 38.747827][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_0 [ 38.750112][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_0 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.758319][ T5954] batman_adv: batadv0: Not using interface batadv_slave_0 (retrying later): interface not active [ 38.761866][ T5954] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.763717][ T5954] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.770945][ T5954] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.774359][ T5943] batman_adv: batadv0: Adding interface: batadv_slave_1 [ 38.776334][ T5943] batman_adv: batadv0: The MTU of interface batadv_slave_1 is too small (1500) to handle the transport of batman-adv packets. Packets going over this interface will be fragmented on layer2 which could impact the performance. Setting the MTU to 1560 would solve the problem. [ 38.783001][ T5943] batman_adv: batadv0: Not using interface batadv_slave_1 (retrying later): interface not active [ 38.806947][ T5942] hsr_slave_0: entered promiscuous mode [ 38.808871][ T5942] hsr_slave_1: entered promiscuous mode [ 38.810704][ T5942] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.812792][ T5942] Cannot create hsr debugfs directory [ 38.842101][ T5943] hsr_slave_0: entered promiscuous mode [ 38.844151][ T5943] hsr_slave_1: entered promiscuous mode [ 38.846090][ T5943] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.848080][ T5943] Cannot create hsr debugfs directory [ 38.912244][ T5954] hsr_slave_0: entered promiscuous mode [ 38.914146][ T5954] hsr_slave_1: entered promiscuous mode [ 38.916113][ T5954] debugfs: Directory 'hsr0' with parent 'hsr' already present! [ 38.918068][ T5954] Cannot create hsr debugfs directory [ 39.053961][ T5950] netdevsim netdevsim0 netdevsim0: renamed from eth0 [ 39.064009][ T5950] netdevsim netdevsim0 netdevsim1: renamed from eth1 [ 39.068978][ T5950] netdevsim netdevsim0 netdevsim2: renamed from eth2 [ 39.079237][ T5950] netdevsim netdevsim0 netdevsim3: renamed from eth3 [ 39.105199][ T5942] netdevsim netdevsim3 netdevsim0: renamed from eth0 [ 39.110196][ T5942] netdevsim netdevsim3 netdevsim1: renamed from eth1 [ 39.114900][ T5942] netdevsim netdevsim3 netdevsim2: renamed from eth2 [ 39.117997][ T5942] netdevsim netdevsim3 netdevsim3: renamed from eth3 [ 39.136518][ T5943] netdevsim netdevsim1 netdevsim0: renamed from eth0 [ 39.139748][ T5943] netdevsim netdevsim1 netdevsim1: renamed from eth1 [ 39.142693][ T5943] netdevsim netdevsim1 netdevsim2: renamed from eth2 [ 39.145626][ T5943] netdevsim netdevsim1 netdevsim3: renamed from eth3 [ 39.167859][ T5954] netdevsim netdevsim2 netdevsim0: renamed from eth0 [ 39.170872][ T5954] netdevsim netdevsim2 netdevsim1: renamed from eth1 [ 39.174022][ T5954] netdevsim netdevsim2 netdevsim2: renamed from eth2 [ 39.177754][ T5954] netdevsim netdevsim2 netdevsim3: renamed from eth3 [ 39.217475][ T5950] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.228034][ T5942] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.239277][ T5950] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.250808][ T5942] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.255490][ T1132] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.257801][ T1132] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.264631][ T5943] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.269874][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.272175][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.277903][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.279799][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.282601][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.284457][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.309720][ T5943] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.323682][ T5954] 8021q: adding VLAN 0 to HW filter on device bond0 [ 39.330123][ T1132] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.332020][ T1132] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.334556][ T1132] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.336436][ T1132] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.342476][ T5950] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 39.351610][ T5954] 8021q: adding VLAN 0 to HW filter on device team0 [ 39.356459][ T45] bridge0: port 1(bridge_slave_0) entered blocking state [ 39.359009][ T45] bridge0: port 1(bridge_slave_0) entered forwarding state [ 39.367403][ T45] bridge0: port 2(bridge_slave_1) entered blocking state [ 39.370007][ T45] bridge0: port 2(bridge_slave_1) entered forwarding state [ 39.386857][ T5943] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 39.402831][ T5954] hsr0: Slave A (hsr_slave_0) is not up; please bring it up to get a fully working HSR network [ 39.406018][ T5954] hsr0: Slave B (hsr_slave_1) is not up; please bring it up to get a fully working HSR network [ 39.418223][ T5942] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.432818][ T5942] veth0_vlan: entered promiscuous mode [ 39.440628][ T5942] veth1_vlan: entered promiscuous mode [ 39.458483][ T5942] veth0_macvtap: entered promiscuous mode [ 39.463628][ T5942] veth1_macvtap: entered promiscuous mode [ 39.467354][ T5950] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.474833][ T5943] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.482375][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.489165][ T5954] 8021q: adding VLAN 0 to HW filter on device batadv0 [ 39.493746][ T5942] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.501708][ T5942] netdevsim netdevsim3 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.504131][ T5942] netdevsim netdevsim3 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.506722][ T5942] netdevsim netdevsim3 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.508997][ T5942] netdevsim netdevsim3 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.530135][ T5943] veth0_vlan: entered promiscuous mode [ 39.533084][ T5950] veth0_vlan: entered promiscuous mode [ 39.541694][ T5943] veth1_vlan: entered promiscuous mode [ 39.550336][ T5950] veth1_vlan: entered promiscuous mode [ 39.553112][ T5954] veth0_vlan: entered promiscuous mode [ 39.557670][ T5954] veth1_vlan: entered promiscuous mode [ 39.574138][ T5950] veth0_macvtap: entered promiscuous mode [ 39.583236][ T5950] veth1_macvtap: entered promiscuous mode [ 39.588071][ T5943] veth0_macvtap: entered promiscuous mode [ 39.591045][ T5954] veth0_macvtap: entered promiscuous mode [ 39.593764][ T5954] veth1_macvtap: entered promiscuous mode [ 39.595302][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.597363][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.604786][ T5943] veth1_macvtap: entered promiscuous mode [ 39.609898][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.612715][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.616008][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.621138][ T5950] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.623846][ T5950] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.627247][ T5950] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.631320][ T5950] netdevsim netdevsim0 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.633608][ T5950] netdevsim netdevsim0 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.636154][ T5950] netdevsim netdevsim0 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.638424][ T5950] netdevsim netdevsim0 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.647118][ T5954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.649874][ T5954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.652393][ T5954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.655720][ T5954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.658829][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.661432][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.664160][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.667195][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.669964][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.672473][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3e) already exists on: batadv_slave_0 [ 39.675312][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.678814][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_0 [ 39.683972][ T189] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.686668][ T189] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.689618][ T5954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.692746][ T5954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.695337][ T5954] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.698010][ T5954] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.700992][ T5954] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.703590][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.706775][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.709291][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.711961][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.714477][ T5943] batman_adv: The newly added mac address (aa:aa:aa:aa:aa:3f) already exists on: batadv_slave_1 [ 39.717667][ T5943] batman_adv: It is strongly recommended to keep mac addresses unique to avoid problems! [ 39.720695][ T5943] batman_adv: batadv0: Interface activated: batadv_slave_1 [ 39.727350][ T5954] netdevsim netdevsim2 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.730002][ T5954] netdevsim netdevsim2 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.732236][ T5954] netdevsim netdevsim2 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.734504][ T5954] netdevsim netdevsim2 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.738053][ T5943] netdevsim netdevsim1 netdevsim0: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.740335][ T5943] netdevsim netdevsim1 netdevsim1: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.742599][ T5943] netdevsim netdevsim1 netdevsim2: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.744859][ T5943] netdevsim netdevsim1 netdevsim3: set [1, 0] type 2 family 0 port 6081 - 0 [ 39.756329][ T5942] soft_limit_in_bytes is deprecated and will be removed. Please report your usecase to linux-mm@kvack.org if you depend on this functionality. [ 39.766533][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.768636][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.807392][ T45] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.809490][ T45] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.813506][ T75] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.816058][ T75] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.828020][ T45] wlan0: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.830102][ T45] wlan0: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.835986][ T189] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.838079][ T189] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.851143][ T12] wlan1: Created IBSS using preconfigured BSSID 50:50:50:50:50:50 [ 39.853269][ T12] wlan1: Creating new IBSS network, BSSID 50:50:50:50:50:50 [ 39.908709][ T6016] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found [ 39.910797][ T6016] UDF-fs: Scanning with blocksize 512 failed [ 39.913014][ T6016] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found [ 39.915068][ T6016] UDF-fs: Scanning with blocksize 1024 failed [ 39.916828][ T6016] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found [ 39.918773][ T6016] UDF-fs: Scanning with blocksize 2048 failed [ 39.920477][ T6016] UDF-fs: warning (device nullb0): udf_load_vrs: No VRS found [ 39.922449][ T6016] UDF-fs: Scanning with blocksize 4096 failed [ 39.955574][ T5946] Bluetooth: hci2: command tx timeout [ 40.035036][ T5946] Bluetooth: hci0: command tx timeout [ 40.045167][ T5946] Bluetooth: hci1: command tx timeout [ 40.046861][ T5946] Bluetooth: hci3: command tx timeout [ 40.050542][ T6020] warning: `syz.2.3' uses wireless extensions which will stop working for Wi-Fi 7 hardware; use nl80211 [ 40.110872][ T6022] netlink: 'syz.2.3': attribute type 1 has an invalid length. [ 40.113134][ T6022] netlink: 224 bytes leftover after parsing attributes in process `syz.2.3'. [ 40.189825][ T5986] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 40.249333][ T6021] syzkaller0: entered promiscuous mode [ 40.250863][ T6021] syzkaller0: entered allmulticast mode [ 40.315075][ T5987] usb 6-1: new high-speed USB device number 2 using dummy_hcd [ 40.495105][ T5987] usb 6-1: Using ep0 maxpacket: 8 [ 40.504825][ T5987] usb 6-1: config index 0 descriptor too short (expected 5924, got 36) [ 40.508087][ T5987] usb 6-1: config 250 has an invalid interface number: 228 but max is -1 [ 40.510294][ T5987] usb 6-1: config 250 has 1 interface, different from the descriptor's value: 0 [ 40.512675][ T5987] usb 6-1: config 250 has no interface number 0 [ 40.514371][ T5987] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x1 has invalid maxpacket 65280, setting to 1024 [ 40.517659][ T5987] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x1 has invalid maxpacket 1024 [ 40.520419][ T5987] usb 6-1: config 250 interface 228 altsetting 255 endpoint 0x82 has invalid wMaxPacketSize 0 [ 40.523101][ T5987] usb 6-1: config 250 interface 228 altsetting 255 bulk endpoint 0x82 has invalid maxpacket 0 [ 40.525933][ T5987] usb 6-1: config 250 interface 228 altsetting 255 has 2 endpoint descriptors, different from the interface descriptor's value: 17 [ 40.529780][ T5987] usb 6-1: config 250 interface 228 has no altsetting 0 [ 40.536220][ T5987] usb 6-1: New USB device found, idVendor=0525, idProduct=d292, bcdDevice= 0.07 [ 40.538665][ T5987] usb 6-1: New USB device strings: Mfr=0, Product=106, SerialNumber=59 [ 40.540916][ T5987] usb 6-1: Product: syz [ 40.542075][ T5987] usb 6-1: SerialNumber: syz [ 40.561045][ T5987] hub 6-1:250.228: bad descriptor, ignoring hub [ 40.565365][ T5987] hub 6-1:250.228: probe with driver hub failed with error -5 [ 40.772477][ T5987] usblp 6-1:250.228: usblp0: USB Bidirectional printer dev 2 if 228 alt 255 proto 3 vid 0x0525 pid 0xD292 [ 41.165761][ T5989] usb 6-1: USB disconnect, device number 2 [ 41.171094][ T5989] usblp0: removed [ 41.435576][ T5989] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 41.487148][ T6046] syzkaller0: entered promiscuous mode [ 41.488650][ T6046] syzkaller0: entered allmulticast mode [ 42.045324][ T5951] Bluetooth: hci2: command tx timeout [ 42.125061][ T5946] Bluetooth: hci1: command tx timeout [ 42.126544][ T5946] Bluetooth: hci0: command tx timeout [ 42.128030][ T5951] Bluetooth: hci3: command tx timeout [ 42.184830][ T6053] trusted_key: encrypted_key: insufficient parameters specified [ 42.282946][ T6054] bridge1: entered promiscuous mode [ 43.075088][ T6066] syzkaller0: entered promiscuous mode [ 43.076988][ T6066] syzkaller0: entered allmulticast mode [ 43.085487][ T5989] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 43.401408][ T6078] netlink: 4 bytes leftover after parsing attributes in process `syz.2.10'. [ 44.047269][ T6084] sp0: Synchronizing with TNC [ 44.116121][ T5951] Bluetooth: hci2: command tx timeout [ 44.155406][ T5989] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 44.205494][ T5951] Bluetooth: hci3: command tx timeout [ 44.207153][ T5951] Bluetooth: hci0: command tx timeout [ 44.208575][ T5951] Bluetooth: hci1: command tx timeout [ 46.195101][ T5955] Bluetooth: hci2: command tx timeout [ 46.275454][ T5955] Bluetooth: hci1: command tx timeout [ 46.275581][ T5951] Bluetooth: hci0: command tx timeout [ 46.276951][ T5946] Bluetooth: hci3: command tx timeout [ 52.725718][ T0] NOHZ tick-stop error: local softirq work is pending, handler #248!!! [ 52.733442][ T5987] libceph: connect (1)[c::]:6789 error -101 [ 52.735752][ T5987] libceph: mon0 (1)[c::]:6789 connect error [ 52.786796][ T6117] UDPLite: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 52.806226][ T6117] netlink: 8 bytes leftover after parsing attributes in process `syz.2.15'. [ 52.809688][ T6117] team_slave_0: entered allmulticast mode [ 52.868625][ T6107] ceph: No mds server is up or the cluster is laggy [ 52.945691][ T6115] fuse: Bad value for 'fd' [ 53.566753][ T6109] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 53.568696][ T6109] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 53.573461][ T6109] Bluetooth: hci0: Opcode 0x0406 failed: -4 [ 53.576575][ T6109] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 53.578164][ T6109] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 53.581228][ T6109] Bluetooth: hci1: Opcode 0x0406 failed: -4 [ 53.585438][ T6109] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 53.587495][ T6109] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 53.590495][ T6109] Bluetooth: hci2: Opcode 0x0406 failed: -4 [ 53.599063][ T6109] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 53.601304][ T6109] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 53.605751][ T6109] Bluetooth: hci3: Opcode 0x0406 failed: -4 [ 53.637856][ T6107] Process accounting resumed [ 53.689056][ T5989] libceph: connect (1)[c::]:6789 error -101 [ 53.691127][ T5989] libceph: mon0 (1)[c::]:6789 connect error [ 53.745118][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 53.848558][ T6127] ceph: No mds server is up or the cluster is laggy [ 54.377492][ T5989] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 54.795052][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.835087][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout [ 54.895330][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.897712][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.900298][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.945166][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.947441][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 54.973579][ T6180] Driver unsupported XDP return value 0 on prog (id 5) dev N/A, expect packet loss! [ 55.025072][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 55.033393][ T0] NOHZ tick-stop error: local softirq work is pending, handler #200!!! [ 55.635041][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout [ 55.635117][ T5955] Bluetooth: hci2: command 0x0c1a tx timeout [ 55.636705][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout [ 55.768505][ T6202] usb 1-1: USB disconnect, device number 2 [ 55.955401][ T5989] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 56.001910][ T6209] syzkaller0: entered promiscuous mode [ 56.003409][ T6209] syzkaller0: entered allmulticast mode [ 56.915086][ T5946] Bluetooth: hci0: command 0x0c1a tx timeout [ 57.715303][ T5946] Bluetooth: hci3: command 0x0c1a tx timeout [ 57.716969][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout [ 57.718496][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout [ 58.995118][ T5951] Bluetooth: hci0: command 0x0c1a tx timeout [ 59.795041][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout [ 59.795126][ T5955] Bluetooth: hci3: command 0x0c1a tx timeout [ 59.795206][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout [ 61.472738][ T73] libceph: connect (1)[c::]:6789 error -101 [ 61.474373][ T73] libceph: mon0 (1)[c::]:6789 connect error [ 61.514751][ T73] libceph: connect (1)[c::]:6789 error -101 [ 61.516409][ T73] libceph: mon0 (1)[c::]:6789 connect error [ 61.595040][ T6235] ceph: No mds server is up or the cluster is laggy [ 61.597501][ T6243] fuse: Bad value for 'fd' [ 61.617905][ T6229] ceph: No mds server is up or the cluster is laggy [ 61.727649][ T6239] Process accounting resumed [ 61.825611][ T5952] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 61.935253][ T6246] syzkaller0: entered promiscuous mode [ 61.936659][ T6246] syzkaller0: entered allmulticast mode [ 62.011484][ T6256] syzkaller0: entered promiscuous mode [ 62.013006][ T6256] syzkaller0: entered allmulticast mode [ 62.798812][ T6273] capability: warning: `syz.2.40' uses deprecated v2 capabilities in a way that may be insecure [ 62.802835][ T5955] Bluetooth: hci3: unexpected event for opcode 0x0c1c [ 63.787964][ T6270] bridge_slave_0: left allmulticast mode [ 63.789507][ T6270] bridge_slave_0: left promiscuous mode [ 63.791958][ T6270] bridge0: port 1(bridge_slave_0) entered disabled state [ 63.794802][ C2] e1000 0000:00:06.0 eth0: Detected Tx Unit Hang [ 63.794802][ C2] Tx Queue <0> [ 63.794802][ C2] TDH <0> [ 63.794802][ C2] TDT <7> [ 63.794802][ C2] next_to_use <7> [ 63.794802][ C2] next_to_clean <0> [ 63.794802][ C2] buffer_info[next_to_clean] [ 63.794802][ C2] time_stamp [ 63.794802][ C2] next_to_watch <0> [ 63.794802][ C2] jiffies [ 63.794802][ C2] next_to_watch.status <0> [ 63.810894][ T6270] bridge_slave_1: left allmulticast mode [ 63.812417][ T6270] bridge_slave_1: left promiscuous mode [ 63.813914][ T6270] bridge0: port 2(bridge_slave_1) entered disabled state [ 63.818901][ T6270] bond0: (slave bond_slave_0): Releasing backup interface [ 63.823013][ T6270] bond0: (slave bond_slave_1): Releasing backup interface [ 63.828320][ T6270] team0: Port device team_slave_0 removed [ 63.834536][ T6270] team0: Port device team_slave_1 removed [ 63.837647][ T6270] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 63.839530][ T6270] batman_adv: batadv0: Removing interface: batadv_slave_0 [ 63.842614][ T6270] batman_adv: batadv0: Interface deactivated: batadv_slave_1 [ 63.844481][ T6270] batman_adv: batadv0: Removing interface: batadv_slave_1 [ 64.016824][ T6268] batman_adv: batadv0: Interface deactivated: batadv_slave_0 [ 64.025955][ T6268] batadv_slave_0: entered promiscuous mode [ 64.046058][ T25] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 64.245456][ T25] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 70.681017][ T1411] ieee802154 phy0 wpan0: encryption failed: -22 [ 75.414474][ T6338] netlink: 'syz.1.45': attribute type 1 has an invalid length. [ 75.455090][ T6338] netlink: 224 bytes leftover after parsing attributes in process `syz.1.45'. [ 75.798303][ T58] cfg80211: failed to load regulatory.db [ 75.806501][ T58] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 76.051577][ T6319] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 76.054138][ T6319] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 76.058476][ T6319] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 76.062733][ T6319] Bluetooth: hci3: Opcode 0x0c1a failed: -4 [ 76.165701][ T6370] FAULT_INJECTION: forcing a failure. [ 76.165701][ T6370] name fail_usercopy, interval 1, probability 0, space 0, times 1 [ 76.169127][ T6370] CPU: 0 UID: 0 PID: 6370 Comm: syz.3.51 Not tainted 6.13.0-rc1-syzkaller-00036-g5076001689e4 #0 [ 76.171541][ T6372] FAULT_INJECTION: forcing a failure. [ 76.171541][ T6372] name failslab, interval 1, probability 0, space 0, times 1 [ 76.171790][ T6370] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.171799][ T6370] Call Trace: [ 76.171803][ T6370] [ 76.171807][ T6370] dump_stack_lvl+0x16c/0x1f0 [ 76.181033][ T6370] should_fail_ex+0x497/0x5b0 [ 76.182295][ T6370] strncpy_from_user+0x3b/0x2d0 [ 76.183897][ T6370] getname_flags.part.0+0x8f/0x550 [ 76.185788][ T6370] getname_flags+0x93/0xf0 [ 76.187151][ T6370] __ia32_sys_rename+0x57/0xa0 [ 76.188389][ T6370] __do_fast_syscall_32+0x73/0x120 [ 76.189748][ T6370] do_fast_syscall_32+0x32/0x80 [ 76.191045][ T6370] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 76.192827][ T6370] RIP: 0023:0xf73be579 [ 76.194025][ T6370] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 76.198983][ T6370] RSP: 002b:00000000f50a657c EFLAGS: 00000292 ORIG_RAX: 0000000000000026 [ 76.201161][ T6370] RAX: ffffffffffffffda RBX: 0000000020000180 RCX: 0000000020000340 [ 76.203227][ T6370] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 76.205291][ T6370] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 76.207344][ T6370] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 76.209434][ T6370] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 76.211490][ T6370] [ 76.212303][ T6372] CPU: 2 UID: 0 PID: 6372 Comm: syz.0.52 Not tainted 6.13.0-rc1-syzkaller-00036-g5076001689e4 #0 [ 76.215038][ T6372] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 76.215610][ T6374] 9pnet_virtio: no channels available for device syz [ 76.217793][ T6372] Call Trace: [ 76.217799][ T6372] [ 76.217804][ T6372] dump_stack_lvl+0x16c/0x1f0 [ 76.222721][ T6372] should_fail_ex+0x497/0x5b0 [ 76.223967][ T6372] ? fs_reclaim_acquire+0xae/0x150 [ 76.225314][ T6372] should_failslab+0xc2/0x120 [ 76.226556][ T6372] kmem_cache_alloc_node_noprof+0x72/0x3b0 [ 76.228070][ T6372] ? __pfx_mark_lock+0x10/0x10 [ 76.229327][ T6372] ? __alloc_skb+0x2b3/0x380 [ 76.230541][ T6372] __alloc_skb+0x2b3/0x380 [ 76.231406][ T6375] netlink: 48 bytes leftover after parsing attributes in process `syz.1.50'. [ 76.231699][ T6372] ? __pfx___alloc_skb+0x10/0x10 [ 76.235714][ T6372] ? hlock_class+0x4e/0x130 [ 76.236913][ T6372] tcp_stream_alloc_skb+0x34/0x570 [ 76.238248][ T6372] tcp_sendmsg_locked+0xed5/0x3770 [ 76.239590][ T6372] ? mark_lock+0xb5/0xc60 [ 76.240726][ T6372] ? __pfx_mark_lock+0x10/0x10 [ 76.242007][ T6372] ? __pfx_tcp_sendmsg_locked+0x10/0x10 [ 76.243459][ T6372] ? tcp_sendmsg+0x20/0x50 [ 76.244656][ T6372] ? mark_held_locks+0x9f/0xe0 [ 76.245924][ T6372] ? __local_bh_enable_ip+0xa4/0x120 [ 76.247306][ T6372] tcp_sendmsg+0x2e/0x50 [ 76.248430][ T6372] ? __pfx_tcp_sendmsg+0x10/0x10 [ 76.249729][ T6372] inet_sendmsg+0xb9/0x140 [ 76.250895][ T6372] ____sys_sendmsg+0x907/0xb40 [ 76.252153][ T6372] ? __pfx_____sys_sendmsg+0x10/0x10 [ 76.253540][ T6372] ? get_compat_msghdr+0x11b/0x170 [ 76.254887][ T6372] ___sys_sendmsg+0x135/0x1e0 [ 76.256125][ T6372] ? __pfx____sys_sendmsg+0x10/0x10 [ 76.257505][ T6372] ? __pfx_lock_release+0x10/0x10 [ 76.258819][ T6372] ? trace_lock_acquire+0x14e/0x1f0 [ 76.260180][ T6372] ? __fget_files+0x206/0x3a0 [ 76.261443][ T6372] __sys_sendmsg+0x16e/0x220 [ 76.262665][ T6372] ? __pfx___sys_sendmsg+0x10/0x10 [ 76.264038][ T6372] __do_fast_syscall_32+0x73/0x120 [ 76.265391][ T6372] do_fast_syscall_32+0x32/0x80 [ 76.266695][ T6372] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 76.268337][ T6372] RIP: 0023:0xf73fe579 [ 76.269420][ T6372] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 76.274407][ T6372] RSP: 002b:00000000f50e657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 76.276585][ T6372] RAX: ffffffffffffffda RBX: 0000000000000003 RCX: 0000000020000580 [ 76.278621][ T6372] RDX: 0000000000007fe5 RSI: 0000000000000000 RDI: 0000000000000000 [ 76.280679][ T6372] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 76.282737][ T6372] R10: 0000000000000000 R11: 0000000000000293 R12: 0000000000000000 [ 76.284771][ T6372] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 76.286826][ T6372] [ 76.675424][ T25] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 76.847399][ T25] e1000: eth0 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: None [ 76.880647][ T6389] syzkaller0: entered promiscuous mode [ 76.882147][ T6389] syzkaller0: entered allmulticast mode [ 77.325833][ T5955] Bluetooth: hci0: command 0x0c1a tx timeout [ 78.125204][ T5951] Bluetooth: hci1: command 0x0c1a tx timeout [ 78.125722][ T5946] Bluetooth: hci2: command 0x0c1a tx timeout [ 78.126940][ T5955] Bluetooth: hci3: command 0x0c1a tx timeout [ 85.715567][ T6424] Zero length message leads to an empty skb [ 85.874582][ T6435] qrtr: Invalid version 48 [ 85.881678][ T5955] Bluetooth: hci3: unexpected event for opcode 0x200f [ 86.367181][ T6438] xt_connbytes: Forcing CT accounting to be enabled [ 86.369093][ T6438] xt_CT: You must specify a L4 protocol and not use inversions on it [ 86.765283][ T6454] Trying to write to read-only block-device nullb0 [ 88.595524][ T58] usb 5-1: new high-speed USB device number 2 using dummy_hcd [ 88.668470][ T6504] iwpm_register_pid: Unable to send a nlmsg (client = 2) [ 88.674710][ T6504] infiniband syz2: RDMA CMA: cma_listen_on_dev, error -98 [ 88.764993][ T58] usb 5-1: Using ep0 maxpacket: 16 [ 88.771094][ T58] usb 5-1: New USB device found, idVendor=0471, idProduct=0327, bcdDevice=61.a4 [ 88.773666][ T58] usb 5-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 88.776799][ T58] usb 5-1: config 0 descriptor?? [ 88.779553][ T58] gspca_main: sonixj-2.14.0 probing 0471:0327 [ 89.589812][ T58] gspca_sonixj: reg_r err -71 [ 89.591181][ T58] sonixj 5-1:0.0: probe with driver sonixj failed with error -71 [ 89.594199][ T58] usb 5-1: USB disconnect, device number 2 [ 89.955801][ T5955] Bluetooth: hci3: Controller not accepting commands anymore: ncmd = 0 [ 89.958161][ T5955] Bluetooth: hci3: Injecting HCI hardware error event [ 89.961211][ T5946] Bluetooth: hci3: hardware error 0x00 [ 89.985029][ T25] usb 8-1: new high-speed USB device number 2 using dummy_hcd [ 90.135109][ T25] usb 8-1: Using ep0 maxpacket: 32 [ 90.139638][ T25] usb 8-1: New USB device found, idVendor=041e, idProduct=400b, bcdDevice=3e.e7 [ 90.142046][ T25] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 90.145085][ T25] usb 8-1: config 0 descriptor?? [ 90.148410][ T25] gspca_main: sunplus-2.14.0 probing 041e:400b [ 90.753427][ T25] gspca_sunplus: reg_r err -71 [ 90.754754][ T25] sunplus 8-1:0.0: probe with driver sunplus failed with error -71 [ 90.764454][ T25] usb 8-1: USB disconnect, device number 2 [ 90.823584][ T6548] IPVS: sync thread started: state = MASTER, mcast_ifn = ip6tnl0, syncid = 0, id = 0 [ 90.850281][ T6550] netlink: 20 bytes leftover after parsing attributes in process `syz.2.103'. [ 90.854321][ T6550] vlan2: entered promiscuous mode [ 91.172840][ T6561] overlayfs: failed to resolve './file1': -2 [ 91.177213][ T6561] netlink: 'syz.0.106': attribute type 3 has an invalid length. [ 92.035060][ T5946] Bluetooth: hci3: Opcode 0x0c03 failed: -110 [ 92.258219][ T6586] Bluetooth: hci0: Opcode 0x0c1a failed: -4 [ 92.260765][ T6586] Bluetooth: hci0: Error when powering off device on rfkill (-4) [ 92.263420][ T6586] Bluetooth: hci1: Opcode 0x0c1a failed: -4 [ 92.264870][ T6586] Bluetooth: hci1: Error when powering off device on rfkill (-4) [ 92.267095][ T6586] Bluetooth: hci2: Opcode 0x0c1a failed: -4 [ 92.268492][ T6586] Bluetooth: hci2: Error when powering off device on rfkill (-4) [ 93.368852][ T6656] tipc: Started in network mode [ 93.371155][ T6656] tipc: Node identity ac14140f, cluster identity 4711 [ 93.375585][ T6656] tipc: New replicast peer: 255.255.255.255 [ 93.378278][ T6656] tipc: Enabled bearer , priority 10 [ 93.381191][ T6656] tipc: Cannot configure node identity twice [ 93.382794][ T6656] tipc: Cannot configure node identity twice [ 93.432763][ T6660] netlink: 304 bytes leftover after parsing attributes in process `syz.1.130'. [ 93.579369][ T6666] netlink: 240 bytes leftover after parsing attributes in process `syz.1.131'. [ 93.679602][ T6669] hub 1-0:1.0: USB hub found [ 93.681132][ T6669] hub 1-0:1.0: 6 ports detected [ 93.845178][ T6006] usb 1-1: new high-speed USB device number 3 using ehci-pci [ 94.040949][ T6006] usb 1-1: New USB device found, idVendor=0627, idProduct=0001, bcdDevice= 0.00 [ 94.043821][ T6006] usb 1-1: New USB device strings: Mfr=1, Product=3, SerialNumber=10 [ 94.046679][ T6006] usb 1-1: Product: QEMU USB Tablet [ 94.049039][ T6006] usb 1-1: Manufacturer: QEMU [ 94.050574][ T6006] usb 1-1: SerialNumber: 28754-0000:00:1d.7-1 [ 94.088521][ T6006] input: QEMU QEMU USB Tablet as /devices/pci0000:00/0000:00:1d.7/usb1/1-1/1-1:1.0/0003:0627:0001.0002/input/input5 [ 94.111085][ T6006] hid-generic 0003:0627:0001.0002: input,hidraw0: USB HID v0.01 Mouse [QEMU QEMU USB Tablet] on usb-0000:00:1d.7-1/input0 [ 94.386406][ T25] tipc: Node number set to 2886997007 [ 94.707461][ T6698] netlink: 'syz.1.142': attribute type 1 has an invalid length. [ 94.714888][ T6698] 8021q: adding VLAN 0 to HW filter on device bond1 [ 94.727546][ T6698] bond1: (slave ip6gretap1): making interface the new active one [ 94.730734][ T6698] bond1: (slave ip6gretap1): Enslaving as an active interface with an up link [ 94.741725][ T6698] vlan3: entered promiscuous mode [ 94.743737][ T6698] bond1: entered promiscuous mode [ 94.747476][ T6698] ip6gretap1: entered promiscuous mode [ 94.749750][ T6698] vlan3: entered allmulticast mode [ 94.751682][ T6698] bond1: entered allmulticast mode [ 94.753707][ T6698] ip6gretap1: entered allmulticast mode [ 94.943767][ T6707] overlayfs: refusing to follow metacopy origin for (/file0) [ 95.425038][ T2290] usb 8-1: new high-speed USB device number 3 using dummy_hcd [ 95.595026][ T2290] usb 8-1: Using ep0 maxpacket: 32 [ 95.598152][ T2290] usb 8-1: config index 0 descriptor too short (expected 156, got 27) [ 95.600301][ T2290] usb 8-1: too many endpoints for config 0 interface 0 altsetting 191: 144, using maximum allowed: 30 [ 95.603797][ T2290] usb 8-1: config 0 interface 0 altsetting 191 endpoint 0x87 has an invalid bInterval 0, changing to 7 [ 95.609171][ T2290] usb 8-1: config 0 interface 0 altsetting 191 has 1 endpoint descriptor, different from the interface descriptor's value: 144 [ 95.613553][ T2290] usb 8-1: config 0 interface 0 has no altsetting 0 [ 95.617372][ T2290] usb 8-1: New USB device found, idVendor=0f11, idProduct=1021, bcdDevice=86.66 [ 95.619696][ T2290] usb 8-1: New USB device strings: Mfr=85, Product=120, SerialNumber=172 [ 95.621745][ T2290] usb 8-1: Product: syz [ 95.622800][ T2290] usb 8-1: Manufacturer: syz [ 95.624011][ T2290] usb 8-1: SerialNumber: syz [ 95.627053][ T2290] usb 8-1: config 0 descriptor?? [ 95.630842][ T2290] ldusb 8-1:0.0: Interrupt out endpoint not found (using control endpoint instead) [ 95.638764][ T2290] ldusb 8-1:0.0: LD USB Device #0 now attached to major 180 minor 0 [ 96.366305][ T25] usb 8-1: USB disconnect, device number 3 [ 96.383226][ T25] ldusb 8-1:0.0: LD USB Device #0 now disconnected [ 96.861905][ T6751] netlink: 8 bytes leftover after parsing attributes in process `syz.1.160'. [ 96.864251][ T6751] netlink: 12 bytes leftover after parsing attributes in process `syz.1.160'. [ 97.294996][ T25] usb 5-1: new high-speed USB device number 3 using dummy_hcd [ 97.485965][ T25] usb 5-1: New USB device found, idVendor=0572, idProduct=cb01, bcdDevice=26.65 [ 97.488251][ T25] usb 5-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 97.490260][ T25] usb 5-1: Product: syz [ 97.491412][ T25] usb 5-1: Manufacturer: syz [ 97.492587][ T25] usb 5-1: SerialNumber: syz [ 97.494620][ T25] usb 5-1: config 0 descriptor?? [ 97.872146][ T25] cx82310_eth 5-1:0.0: probe with driver cx82310_eth failed with error -22 [ 97.876221][ T25] cxacru 5-1:0.0: usbatm_usb_probe: bind failed: -19! [ 97.913313][ T25] usb 5-1: USB disconnect, device number 3 [ 99.671931][ T6842] platform regulatory.0: Direct firmware load for regulatory.db failed with error -2 [ 99.674392][ T6842] platform regulatory.0: Falling back to sysfs fallback for: regulatory.db [ 100.399055][ T6866] netlink: 4 bytes leftover after parsing attributes in process `syz.3.200'. [ 100.519322][ T6842] syz.1.195 (6842) used greatest stack depth: 19248 bytes left [ 101.079465][ T6895] UDPLite6: UDP-Lite is deprecated and scheduled to be removed in 2025, please contact the netdev mailing list [ 103.508121][ T6972] usb 1-1: USB disconnect, device number 3 [ 103.964532][ T6977] pim6reg: entered allmulticast mode [ 103.970970][ T6977] pim6reg: left allmulticast mode [ 105.375406][ T25] usb 7-1: new high-speed USB device number 2 using dummy_hcd [ 105.536705][ T25] usb 7-1: New USB device found, idVendor=17e9, idProduct=8b4e, bcdDevice=9c.08 [ 105.539800][ T25] usb 7-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 105.543258][ T25] usb 7-1: config 0 descriptor?? [ 105.750328][ T25] [drm] vendor descriptor length:e0 data:00 00 00 00 00 00 00 00 00 00 00 [ 105.753430][ T25] [drm:udl_init] *ERROR* Unrecognized vendor firmware descriptor [ 105.769908][ T25] [drm] Initialized udl 0.0.1 for 7-1:0.0 on minor 3 [ 105.772693][ T25] [drm] Initialized udl on minor 3 [ 105.968130][ T25] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 105.974628][ T25] udl 7-1:0.0: [drm] Cannot find any crtc or sizes [ 105.982537][ T58] udl 7-1:0.0: [drm] *ERROR* Read EDID byte 0 failed err ffffffb9 [ 105.986090][ T25] usb 7-1: USB disconnect, device number 2 [ 105.988187][ T58] udl 7-1:0.0: [drm] Cannot find any crtc or sizes [ 106.342403][ T7059] infiniband syz2: set active [ 106.344011][ T7059] infiniband syz2: added team_slave_1 [ 106.375873][ T7059] RDS/IB: syz2: added [ 106.377851][ T7059] smc: adding ib device syz2 with port count 1 [ 106.379810][ T7059] smc: ib device syz2 port 1 has pnetid [ 109.285156][ T8] usb 8-1: new high-speed USB device number 4 using dummy_hcd [ 109.436280][ T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has an invalid bInterval 0, changing to 7 [ 109.439218][ T8] usb 8-1: config 0 interface 0 altsetting 0 endpoint 0x81 has invalid wMaxPacketSize 0 [ 109.441837][ T8] usb 8-1: New USB device found, idVendor=07c0, idProduct=1524, bcdDevice= 0.00 [ 109.444230][ T8] usb 8-1: New USB device strings: Mfr=0, Product=0, SerialNumber=0 [ 109.448423][ T8] usb 8-1: config 0 descriptor?? [ 109.540613][ T7154] fuse: root generation should be zero [ 109.653043][ T7145] netlink: 8 bytes leftover after parsing attributes in process `syz.3.288'. [ 109.658789][ T8] usb 8-1: USB disconnect, device number 4 [ 109.671153][ T7166] Bluetooth: MGMT ver 1.23 [ 109.673715][ T7166] Bluetooth: hci0: load_link_keys: expected 3 bytes, got 7 bytes [ 110.196104][ T7170] netlink: 8 bytes leftover after parsing attributes in process `syz.3.296'. [ 110.203959][ T7170] binder_alloc: 7169: binder_alloc_buf, no vma [ 110.475857][ T7187] netlink: 'syz.2.303': attribute type 1 has an invalid length. [ 110.477720][ T7187] netlink: 224 bytes leftover after parsing attributes in process `syz.2.303'. [ 110.589043][ T39] audit: type=1326 audit(1733460575.987:2): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7180 comm="syz.0.300" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 110.594531][ T39] audit: type=1326 audit(1733460575.987:3): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7180 comm="syz.0.300" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 110.600102][ T39] audit: type=1326 audit(1733460575.987:4): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7180 comm="syz.0.300" exe="/syz-executor" sig=0 arch=40000003 syscall=357 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 110.615019][ T39] audit: type=1326 audit(1733460575.987:5): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7180 comm="syz.0.300" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 110.620546][ T39] audit: type=1326 audit(1733460575.987:6): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7180 comm="syz.0.300" exe="/syz-executor" sig=0 arch=40000003 syscall=295 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 110.634980][ T39] audit: type=1326 audit(1733460575.987:7): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7180 comm="syz.0.300" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 110.640353][ T39] audit: type=1326 audit(1733460575.987:8): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7180 comm="syz.0.300" exe="/syz-executor" sig=0 arch=40000003 syscall=333 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 110.645847][ T39] audit: type=1326 audit(1733460575.987:9): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7180 comm="syz.0.300" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 110.651295][ T39] audit: type=1326 audit(1733460575.987:10): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7180 comm="syz.0.300" exe="/syz-executor" sig=0 arch=40000003 syscall=359 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 110.657930][ T39] audit: type=1326 audit(1733460575.987:11): auid=4294967295 uid=0 gid=0 ses=4294967295 subj=unconfined pid=7180 comm="syz.0.300" exe="/syz-executor" sig=0 arch=40000003 syscall=240 compat=1 ip=0xf73fe579 code=0x7ffc0000 [ 110.669985][ T7198] netlink: 512 bytes leftover after parsing attributes in process `syz.2.306'. [ 111.410196][ T7217] netlink: 20 bytes leftover after parsing attributes in process `syz.1.314'. [ 111.695015][ T8] usb 6-1: new high-speed USB device number 3 using dummy_hcd [ 111.858943][ T8] usb 6-1: New USB device found, idVendor=0af0, idProduct=7a05, bcdDevice= 0.00 [ 111.861595][ T8] usb 6-1: New USB device strings: Mfr=1, Product=2, SerialNumber=3 [ 111.863675][ T8] usb 6-1: Product: syz [ 111.864766][ T8] usb 6-1: Manufacturer: syz [ 111.866232][ T8] usb 6-1: SerialNumber: syz [ 111.868361][ T8] usb 6-1: config 0 descriptor?? [ 112.069070][ T7230] ------------[ cut here ]------------ [ 112.070670][ T7230] refcount_t: underflow; use-after-free. [ 112.072511][ T7230] WARNING: CPU: 2 PID: 7230 at lib/refcount.c:28 refcount_warn_saturate+0x14a/0x210 [ 112.074469][ T8] hso 6-1:0.0: Can't find BULK IN endpoint [ 112.075146][ T7230] Modules linked in: [ 112.075177][ T7230] CPU: 2 UID: 0 PID: 7230 Comm: syz.3.317 Not tainted 6.13.0-rc1-syzkaller-00036-g5076001689e4 #0 [ 112.075191][ T7230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 112.075198][ T7230] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 112.075218][ T7230] Code: ff 89 de e8 28 99 ff fc 84 db 0f 85 66 ff ff ff e8 3b 97 ff fc c6 05 22 b6 6b 0b 01 90 48 c7 c7 40 ec b0 8b e8 97 6c c0 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 18 97 ff fc 0f b6 1d fd b5 6b 0b 31 [ 112.075229][ T7230] RSP: 0018:ffffc90023b6f928 EFLAGS: 00010286 [ 112.075240][ T7230] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9000c402000 [ 112.075247][ T7230] RDX: 0000000000080000 RSI: ffffffff815a1796 RDI: 0000000000000001 [ 112.075255][ T7230] RBP: ffff88806d2c54e4 R08: 0000000000000001 R09: 0000000000000000 [ 112.075262][ T7230] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000002 [ 112.075269][ T7230] R13: 0000000000000000 R14: ffff88806d2c54e4 R15: 0000000000000001 [ 112.075277][ T7230] FS: 0000000000000000(0000) GS:ffff88802b600000(0063) knlGS:00000000f50a6b40 [ 112.075298][ T7230] CS: 0010 DS: 002b ES: 002b CR0: 0000000080050033 [ 112.075309][ T7230] CR2: 00000000f71b3c60 CR3: 000000004a4e6000 CR4: 0000000000352ef0 [ 112.075317][ T7230] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 [ 112.075584][ T7230] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 [ 112.078961][ T8] usb-storage 6-1:0.0: USB Mass Storage device detected [ 112.079987][ T7230] Call Trace: [ 112.079995][ T7230] [ 112.119611][ T7230] ? __warn+0xea/0x3c0 [ 112.120691][ T7230] ? refcount_warn_saturate+0x14a/0x210 [ 112.122173][ T7230] ? report_bug+0x3c0/0x580 [ 112.123384][ T7230] ? handle_bug+0x54/0xa0 [ 112.124535][ T7230] ? exc_invalid_op+0x17/0x50 [ 112.125834][ T7230] ? asm_exc_invalid_op+0x1a/0x20 [ 112.127143][ T7230] ? __warn_printk+0x1a6/0x350 [ 112.128446][ T7230] ? refcount_warn_saturate+0x14a/0x210 [ 112.129903][ T7230] ? refcount_warn_saturate+0x149/0x210 [ 112.131342][ T7230] sk_skb_reason_drop+0x183/0x1a0 [ 112.132688][ T7230] j1939_session_destroy+0x163/0x460 [ 112.134066][ T7230] j1939_session_put+0x64/0x90 [ 112.135370][ T7230] j1939_sk_sendmsg+0xe8f/0x13c0 [ 112.136673][ T7230] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 112.138076][ T7230] ____sys_sendmsg+0x9ae/0xb40 [ 112.139323][ T7230] ? __pfx_____sys_sendmsg+0x10/0x10 [ 112.140704][ T7230] ? get_compat_msghdr+0x11b/0x170 [ 112.142078][ T7230] ___sys_sendmsg+0x135/0x1e0 [ 112.143358][ T7230] ? __pfx____sys_sendmsg+0x10/0x10 [ 112.144739][ T7230] ? __pfx_lock_release+0x10/0x10 [ 112.146241][ T7230] ? trace_lock_acquire+0x14e/0x1f0 [ 112.147599][ T7230] ? __fget_files+0x206/0x3a0 [ 112.148845][ T7230] __sys_sendmsg+0x16e/0x220 [ 112.150058][ T7230] ? __pfx___sys_sendmsg+0x10/0x10 [ 112.151395][ T7230] ? __ia32_sys_futex_time32+0x1da/0x460 [ 112.152904][ T7230] __do_fast_syscall_32+0x73/0x120 [ 112.154240][ T7230] do_fast_syscall_32+0x32/0x80 [ 112.155598][ T7230] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 112.157235][ T7230] RIP: 0023:0xf73be579 [ 112.158297][ T7230] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 112.163307][ T7230] RSP: 002b:00000000f50a657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 112.165506][ T7230] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000180 [ 112.167546][ T7230] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 112.169585][ T7230] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 112.171632][ T7230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.173676][ T7230] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 112.175844][ T7230] [ 112.176663][ T7230] Kernel panic - not syncing: kernel: panic_on_warn set ... [ 112.178506][ T7230] CPU: 2 UID: 0 PID: 7230 Comm: syz.3.317 Not tainted 6.13.0-rc1-syzkaller-00036-g5076001689e4 #0 [ 112.181194][ T7230] Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.16.3-debian-1.16.3-2~bpo12+1 04/01/2014 [ 112.184128][ T7230] Call Trace: [ 112.185027][ T7230] [ 112.185797][ T7230] dump_stack_lvl+0x3d/0x1f0 [ 112.187002][ T7230] panic+0x71d/0x800 [ 112.188031][ T7230] ? __pfx_panic+0x10/0x10 [ 112.189199][ T7230] ? show_trace_log_lvl+0x29d/0x3d0 [ 112.190555][ T7230] ? refcount_warn_saturate+0x14a/0x210 [ 112.191985][ T7230] check_panic_on_warn+0xab/0xb0 [ 112.193294][ T7230] __warn+0xf6/0x3c0 [ 112.194322][ T7230] ? refcount_warn_saturate+0x14a/0x210 [ 112.195820][ T7230] report_bug+0x3c0/0x580 [ 112.197053][ T7230] handle_bug+0x54/0xa0 [ 112.198141][ T7230] exc_invalid_op+0x17/0x50 [ 112.199331][ T7230] asm_exc_invalid_op+0x1a/0x20 [ 112.200607][ T7230] RIP: 0010:refcount_warn_saturate+0x14a/0x210 [ 112.202248][ T7230] Code: ff 89 de e8 28 99 ff fc 84 db 0f 85 66 ff ff ff e8 3b 97 ff fc c6 05 22 b6 6b 0b 01 90 48 c7 c7 40 ec b0 8b e8 97 6c c0 fc 90 <0f> 0b 90 90 e9 43 ff ff ff e8 18 97 ff fc 0f b6 1d fd b5 6b 0b 31 [ 112.207002][ T7230] RSP: 0018:ffffc90023b6f928 EFLAGS: 00010286 [ 112.208555][ T7230] RAX: 0000000000000000 RBX: 0000000000000000 RCX: ffffc9000c402000 [ 112.210578][ T7230] RDX: 0000000000080000 RSI: ffffffff815a1796 RDI: 0000000000000001 [ 112.212674][ T7230] RBP: ffff88806d2c54e4 R08: 0000000000000001 R09: 0000000000000000 [ 112.214712][ T7230] R10: 0000000000000000 R11: 0000000000000001 R12: 0000000000000002 [ 112.216754][ T7230] R13: 0000000000000000 R14: ffff88806d2c54e4 R15: 0000000000000001 [ 112.218783][ T7230] ? __warn_printk+0x1a6/0x350 [ 112.220025][ T7230] ? refcount_warn_saturate+0x149/0x210 [ 112.221460][ T7230] sk_skb_reason_drop+0x183/0x1a0 [ 112.222736][ T7230] j1939_session_destroy+0x163/0x460 [ 112.224110][ T7230] j1939_session_put+0x64/0x90 [ 112.225345][ T7230] j1939_sk_sendmsg+0xe8f/0x13c0 [ 112.226643][ T7230] ? __pfx_j1939_sk_sendmsg+0x10/0x10 [ 112.228037][ T7230] ____sys_sendmsg+0x9ae/0xb40 [ 112.229281][ T7230] ? __pfx_____sys_sendmsg+0x10/0x10 [ 112.230631][ T7230] ? get_compat_msghdr+0x11b/0x170 [ 112.231949][ T7230] ___sys_sendmsg+0x135/0x1e0 [ 112.233424][ T7230] ? __pfx____sys_sendmsg+0x10/0x10 [ 112.234800][ T7230] ? __pfx_lock_release+0x10/0x10 [ 112.236093][ T7230] ? trace_lock_acquire+0x14e/0x1f0 [ 112.237444][ T7230] ? __fget_files+0x206/0x3a0 [ 112.238670][ T7230] __sys_sendmsg+0x16e/0x220 [ 112.239866][ T7230] ? __pfx___sys_sendmsg+0x10/0x10 [ 112.241214][ T7230] ? __ia32_sys_futex_time32+0x1da/0x460 [ 112.242705][ T7230] __do_fast_syscall_32+0x73/0x120 [ 112.244042][ T7230] do_fast_syscall_32+0x32/0x80 [ 112.245300][ T7230] entry_SYSENTER_compat_after_hwframe+0x84/0x8e [ 112.246981][ T7230] RIP: 0023:0xf73be579 [ 112.248044][ T7230] Code: b8 01 10 06 03 74 b4 01 10 07 03 74 b0 01 10 08 03 74 d8 01 00 00 00 00 00 00 00 00 00 00 00 00 00 51 52 55 89 e5 0f 34 cd 80 <5d> 5a 59 c3 90 90 90 90 8d b4 26 00 00 00 00 8d b4 26 00 00 00 00 [ 112.253002][ T7230] RSP: 002b:00000000f50a657c EFLAGS: 00000292 ORIG_RAX: 0000000000000172 [ 112.255128][ T7230] RAX: ffffffffffffffda RBX: 0000000000000004 RCX: 0000000020000180 [ 112.257163][ T7230] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 0000000000000000 [ 112.259197][ T7230] RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 [ 112.261241][ T7230] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000 [ 112.263336][ T7230] R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000000 [ 112.265356][ T7230] [ 112.266617][ T7230] Kernel Offset: disabled [ 112.267787][ T7230] Rebooting in 86400 seconds.. VM DIAGNOSIS: 04:49:37 Registers: info registers vcpu 0 CPU#0 RAX=0000000000000074 RBX=00000000000003f8 RCX=0000000000000000 RDX=00000000000003f8 RSI=ffffffff85153155 RDI=ffffffff9a6682c0 RBP=ffffffff9a668280 RSP=ffffc900001a69d0 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000009 R12=0000000000000000 R13=0000000000000074 R14=ffffffff851530f0 R15=0000000000000000 RIP=ffffffff8515317f RFL=00000002 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b400000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000003000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000001000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c2847d9 CR3=000000006ba58000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 1 CPU#1 RAX=0000000000255d71 RBX=0000000000000001 RCX=ffffffff8b1ab889 RDX=0000000000000000 RSI=ffffffff8b4cd0e0 RDI=ffffffff8bb13700 RBP=ffffed10039dc910 RSP=ffffc9000047fe08 R8 =0000000000000001 R9 =ffffed10056a6fed R10=ffff88802b537f6b R11=0000000000000000 R12=0000000000000001 R13=ffff88801cee4880 R14=ffffffff901cb150 R15=0000000000000000 RIP=ffffffff8b1acc6f RFL=00000206 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b500000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe000004a000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe0000048000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000002f31fffc CR3=00000000703d0000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000002 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000005000000000 0000000100000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 2 CPU#2 RAX=dffffc0000000005 RBX=00000000000003f9 RCX=0000000000000000 RDX=00000000000003f9 RSI=ffffffff85153210 RDI=ffffffff9a6682c0 RBP=ffffffff9a668280 RSP=ffffc90023b6f298 R8 =0000000000000001 R9 =000000000000001f R10=0000000000000000 R11=0000000000000005 R12=0000000000000000 R13=ffffffff9a668280 R14=ffffffff9a6682d0 R15=000000000000002a RIP=ffffffff85153237 RFL=00000006 [-----P-] CPL=0 II=0 A20=1 SMM=0 HLT=0 ES =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =002b 0000000000000000 ffffffff 00c0f300 DPL=3 DS [-WA] FS =0000 0000000000000000 ffffffff 00c00000 GS =0063 ffff88802b600000 ffffffff 00d0f300 DPL=3 DS [-WA] LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe0000091000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe000008f000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=00000000f71b3c60 CR3=000000004a4e6000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=0000000000000000 DR6=00000000fffe0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000000 Opmask01=0000000000000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=0000000000000000 Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000052 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 info registers vcpu 3 CPU#3 RAX=000000000011db79 RBX=0000000000000003 RCX=ffffffff8b1ab889 RDX=0000000000000000 RSI=ffffffff8b4cd0e0 RDI=ffffffff8bb13700 RBP=ffffed10039df488 RSP=ffffc9000049fe08 R8 =0000000000000001 R9 =ffffed10056e6fed R10=ffff88802b737f6b R11=0000000000000000 R12=0000000000000003 R13=ffff88801cefa440 R14=ffffffff901cb150 R15=0000000000000000 RIP=ffffffff8b1acc6f RFL=00000202 [-------] CPL=0 II=0 A20=1 SMM=0 HLT=1 ES =0000 0000000000000000 ffffffff 00c00000 CS =0010 0000000000000000 ffffffff 00a09b00 DPL=0 CS64 [-RA] SS =0018 0000000000000000 ffffffff 00c09300 DPL=0 DS [-WA] DS =0000 0000000000000000 ffffffff 00c00000 FS =0000 0000000000000000 ffffffff 00c00000 GS =0000 ffff88802b700000 ffffffff 00c00000 LDT=0000 0000000000000000 ffffffff 00c00000 TR =0040 fffffe00000d8000 00004087 00008b00 DPL=0 TSS64-busy GDT= fffffe00000d6000 0000007f IDT= fffffe0000000000 0000ffff CR0=80050033 CR2=000000000c2c6744 CR3=0000000022bb2000 CR4=00352ef0 DR0=0000000000000000 DR1=0000000000000000 DR2=0000000000000000 DR3=000000000000000e DR6=00000000ffff0ff0 DR7=0000000000000400 EFER=0000000000000d01 FCW=037f FSW=0000 [ST=0] FTW=00 MXCSR=00001f80 FPR0=0000000000000000 0000 FPR1=0000000000000000 0000 FPR2=0000000000000000 0000 FPR3=0000000000000000 0000 FPR4=0000000000000000 0000 FPR5=0000000000000000 0000 FPR6=0000000000000000 0000 FPR7=0000000000000000 0000 Opmask00=0000000000000001 Opmask01=0000000010000000 Opmask02=0000000000000000 Opmask03=0000000000000000 Opmask04=00000000ffffffff Opmask05=0000000000000000 Opmask06=0000000000000000 Opmask07=0000000000000000 ZMM00=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000001 ZMM01=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 00007ffcc6e561c0 0000003000000018 ZMM02=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 6565656565656565 6565656565656565 ZMM03=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM04=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM05=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ffffffffffffffff ffffffffffff0000 ZMM06=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ff00ff0000000000 0000000000000000 ZMM07=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM08=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM09=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM10=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM11=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM12=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM13=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM14=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM15=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM16=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM17=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a 0a0a0a0a0a0a0a0a ZMM18=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3020203a5346205d 3033323754205b5d 3737323537302e32 313120205b3e3400 ZMM19=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3020203053462057 3033323754205157 3737323537302432 3131202051343400 ZMM20=0000000000000000 0000000000000000 0000000000000000 0000000000000000 302030203a522041 303332203820395d 3632323230302e32 313120203a383130 ZMM21=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0020302020302020 3020202020203920 2031202030202030 2020202020342020 ZMM22=0000000000000000 0000000000000000 0000000000000000 0000000000000000 332a323b2a326f2a 6c6c2a6c6c2a6c6c 2a393e2a336f2a3a 332a3a332a683a2a ZMM23=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM24=0000000000000000 0000000000000000 0000000000000000 0000000000000000 3a2a305a59582a57 3a39383d5e2a5157 3338383f3d3a2438 3b3b2a2a51343e36 ZMM25=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM26=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM27=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM28=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM29=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM30=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 ZMM31=0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000 0000000000000000